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Preface 


Whenever the subject of home computers comes up, the topic 
nf software piracy inevitably follows. The two are, to some 
people, inseparable. Piracy has both fierce enemies and staunch 
defenders. The emotions surrounding piracy are so strong that 
rational arguments are often obliterated by personal feelings. 

Software piracy is a serious problem for software 
manufacturers who cater to the home computer market. On the other 
side of the coin, not every user is a pirate. Software publishers 
have a delicate balancing act to perform. They must protect their 
software from pirates, with a minimum of inconvenience to 
legitimate users. 

This book takes an honest look at all the aspects surrounding 
piracy. It discusses the advanced methods of software protection 
that manufacturers have developed to thwart pirates, it also 
reviews some popular back up tools, and examines the various 
kinds of pirates. The disk included with this package provides 
programs which will help anyone, from individual to large 
corporation, to keep their software safely out of pirate ciroles. 
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Introduction 


Piracy is the illegal duplication and distribution of 
copyrighted software. In spite of laws prohibiting piracy, it has 
become one of the most popular pastimes of computer users. 
Although users have a legitimate right to make backups for 
personal safekeeping, thousands of dollars in software sales are 
lost each month due piracy. The plummeting cost of personal 
computers is one of the major contributing factors to the growth 
of piracy. When a complete computer systems costs only several 
hundred dollars, most users are understandably reluctant to pay 
$100 for a single program, specially if he or she can copy a 
friend's program for the cost of a blank disk. Both software 
companies who demand outrageous prices and users who expect 
something for nothing are to blame for this dilemma. 

Software companies are caught in a bind. Software development, 
testing, and marketing can be prohibitively expensive. Most users 
actively dislike copy protected software, but unprotected 
software - even buggy, preliminary versions - spreads rapidly 
through pirate circles. 

And the software does spread fast. If a single unprotected copy 
of an unreleased program gets into a pirate’s hands, the market 
for that product can be ruined in a matter of weeks. 

Software spreads quickly because pirates are not only numerous 
and widespread, but very organized. Bach pirate is anxious to get 
the newest programs, and quickly trades his latest acquisitions 
for the next "hot" program. The telephone system has rendered 
distances meaningless. With electronic communication, a pirate 
can transmit a program across the country as quickly as he can 
transmit it across town. Pirates fora groups, clubs, bulletin 
boards, parties, and newsletters to facilitate the trading of 
illegally copied software. 

Some companies have recognized the size of the pirate market, 
and produce materials that cater to it rather than thwart it. 
Companies advertise hardware products designed to produce back up 
copies of copy protected software, and software tools designed to 
make a pirates task much easier. As some software producers toil 
to protect their programs, others offer utilities designed to 
break and copy even the most complex copy protection schemes. 

Some software companies have chosen the legal route to 
software protection, pushing legislatures to toughen laws, and 
law enforcement officials to carry them out. Police have set up 
bogus bulletin boards to lure unsuspecting pirates. Government 
officials in both the United States and Canada are cracking down 
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on profiteers, the pirates who reproduce copyrighted software in 
large quantities, and offer them for resale at bargain prices. 
These unscrupulous pirates often convince unwitting buyers that 
they are purchasing the "real thing" instead of a bootleg copy of 
a stolen program. 

This book will delve into pirates themselves, who they arn, 
and how and why they copy programs, It will explain the oopy 
protection techniques used to fight piracy today, and the ones 
that many companies are developing to use tomorrow. It will 
examine the current status of copyrights, patents, and other 
legal forms of copy protection, discuss the pros and cons of 
each, and analyze the trends in software protection law. It will 
review the various miscellaneous methods used by software 
producers to protect their goods. It will review the current off 
the shelf software back up tools, discussing the capabilities, 
advantages, and disadvantages of each. Lastly, this book and disk 
offers some utility programs for software writers who want to 
guard their programs from pirates. 

For the most recent news, too late to be printed here, see the 
disk included with this package. 


Notes for Software Manufacturers: 

The goal of software protection is to maximize the return on 
the publishers and programmers investment, not to prevent piracy 
at any cost. If a protection method prevents a program from being 
sold at a reasonable price, or if it makes the program too 
difficult or tedious to use, then it does not meet this goal. 
Some people are so obsessed with protection that it has prevented 
them from selling their software. Ideally, software protection 
should not discourage consumers from buying and using a program, 
but should prevent most users from duplicating and distributing 
copies. 


Important Warning to Software Manufacturers: 

Software protection methods often take advantage of flukes in 
the way a computer or disk drive perceives data. With the 
increasing number of models of computers and drives, it is 
difficult to be sure that the fluke will behave the same in each. 
One of the greatest frustrations a purchaser can experience is to 
find that a legitimately purchased program will not run on his 
system because of copy protection. Manufacturers should be sure 
to thoroughly test all protection methods on a number of 
configurations to be sure it works properly on each. If this step 
is overlooked, it can create bad will towards the product (and 
the company) that may be difficult to overcome. If you find that 
your protection does not work will all brands of disk drive, 
computer, etc., you should clearly mark that information on the 
package, or, better yet, change the protection. 
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Section I 
The People 



"They call us pirates and worse. They look their programs 
behind hardware and software schemes. The set the minions of Ilia 
law upon us. And still we flourish by our wiles. 

Ahoy, ye nicrolubbers: to pirate a programs is not to steal, 
but to liberate knowledge. We don’t take money or goods from 
anyone; we merely free up information. Most of us don’t profit, 
from our buccaneering activities; instead, we share the wealth 
with our fellow computer users. 

The software moguls have only themselves to blame for our 
cracking open the bars to their programs. If they didn’t oharge a 
king’s ransom for disks that cost a pittance to duplicate, there 
would be little incentive for us to practice our skills. There 
would be little need for them to protect their programs if 
software were not more expensive than what you and I could afford 
to pay. 

We are no longer in the Dark Ages of personal software, when 
so few people used computers that program development costs had 
to be defrayed by high unit prices. Now so many microcomputers 
are in use that a program should cost no more than a lightweight 
paperback novel. Instead, we are paying illuminated manuscript 
prices. 

Maybe someday the software publishers will understand how 
they’re killing off the golden goose. But until that time be 
warned: there will be many a pirates flag on the software 
horizon." 

JOLLY ROGER 


From Digital Deli by Gerry J. Elman 
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Introduction 


Computer UBe today spreads across all walks of life. The 
trowing popularity of personal computers has brought news about 
computer hackers to the front pages of publications around the 
country. Terns such as Phone Phreaks, Software Pirates, and 
Computer Viruses are popping up in the news every day. Most news 
writers, and most people, are not aware of what is really 
happening in these well publicized cases, and do not really 
understand the underlying trends. Understanding these trends is 
an essential first step to understanding the trends in software 
protection. The first section of this book tries to clear up the 
confusion, examine the cases, and show the ways to deal with the 
people involved. It focuses primarily on Piracy and On-Line 
Security, but also covers the related area of Phone Phreaking. 

This section will break the people down into groups and talk 
about each group separately, then show how they relate to the 
whole topic. In several areas, such as Phreaking and Pirate 
Boards, the technical details of how they operate will be dealt 
with. These areas are inoluded for the more advanced readers, but 
full understanding is not required. 
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Chapterl 

Motivations 


Piracy is the duplication and distribution of copyrighted 
software without the permission of the copyright owners. It’s 
legal to make a working back-up copy of software that you have 
purchased, as long as that back-up copy is only for your personal 
UBe. The problems arise when back-up copies are given away to 
others who have not purchased the ^software, or traded for copies 
of other software that the individual does not own or Intend to 
buy. Many people who are unsure or misinformed about copyright 
laws are unintentional pirates. In a survey by Allen Harberg of 
100 Atari user group presidents, up to 62% believed that certain 
activities, which do, in fact, violate copyright laws, were 
legal! 

The reasons for becoming an intentional pirate are as diverse 
as computer users themselves. Generally speaking, There are two 
main kinds of pirates; those who pirate for personal enjoyment, 
personal satisfaction, or financial savingB, and those who pirate 
for profit. The people who pirate for enjoyment oan be loosely 
broken down into the categories of hackers, collectors, 
gamers/uBers, and belongers. 


Hackers 


A hacker is a person with a strong personal interest in 
computers. True hackers are very closely involved with their 
computers and the software available for them. They can program, 
and frequently are very talented programmers. They have an 
excellent understanding of their systems. Hackers are extremely 
curious, and usually see software protection as a puzzle to be 
solved. They don’t stop at removing the protection from a 
program, but will modify the program to suit themselves, often 
adding an "unlimited life" option to a game, or encrypting their 
initials or "handle" into the title screen. These people have the 
drive and skill to disarm most software protection schemes. 
Fortunately for software producers, true hackers are a small 
minority of computer users (more about hackers in Chapter 4 under 
Phone Phreaks). 
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Collectors 


The collector is, in sone ways, the most dangerous kind of 
pirate. Collectors want to build a huge collection of software, 
just as some people build huge coin or stamp colleotlona. 
Collectors will make several pirate copies of programs, and use 
those copies as trading material to obtain more illegal oopias of 
other software. Some collectors will go to extremes to get a copy 
of a new or heavily advertised program, even though they have 
little desire to use it. While a hacker knows every detail of his 
programs, a collector may run a program only once to verify that 
it works. He may never use a program again, except to trade it, 
for other software. This group has the least knowledge of their 
software, and is the most likely group to be seen trading 
preliminary versions. 


Gamers/Users 

The majority of computer users involved with piracy are gamers 
and users. They accumulate and trade software because they want 
to use one or more speoific programs. The motivation to pirate is 
based mainly on saving money. Most often this group is made up of 
people who love to play games. Most people use only one good 
spreadsheet or word processor program, but gamers want to play as 
many different good games as possible, so most of the programs 
they trade are game software. When a new game comes out, these 
people will often band together to buy it and hope to make copies 
for each other. 


Belongers 

Belongers trade software to be part of the group. They like to 
meet people, and have found the computer is a good way to do it. 
Belongers have an extensive software collection to gain status 
among other computer users, or trade software with a large number 
of people to be sociable. Although the people who use pirated 
programs to gain status are usually in their teens, these traits 
can be found all the way to the oldeBt computer users as well. 
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Profiteers 


A wide range of activities can fall into this category. On one 
end of the spectrum are the commercial ventures that make 
counterfeit copies of programs to sell to unsuspecting 
purchasersi on the other is the teenager who trades his software 
for blank disks to expand his collection. Commercial pirates make 
up the majority of software companies in countries like Taiwan, 
but are not very active in the U.S.. This is partially due to the 
lack of copyright agreements in some countries, as well as the 
general aura of acceptability surrounding piracy there. Between 
these two extremes lies a group who may sell pirated software, 
but only to friends, and often under the pretense of covering 
expenses incurred in obtaining the software. It should be pointed 
out that the majority of pirates are happy to make copies for 
their friends, but draw a definite line at selling pirated 
software. Some will buy a program, copy it, and sell the original 
at a discounted price. 

There has been a recent rash of FBI sting operations to close 
down blatantly obvious profiteers who sell counterfeit software 
through ads in newspapers and computer magazines (see New Trends 
in Software Law). 


Conclusion 

One fact not mentioned in the above discussion is that piraoy 
is illegal. A copyright notice on software seems to have little 
effect on the majority of software pirates. A company that feels 
a copyright notice is adequate protection against piracy 1 b 
ignoring the facts. Rumors of persons being jailed for copyright 
infringement have scared some people, but most know these rumors 
are not true (see New Trends in Software Law seotion). 

According to InfoWorlds's Robert X. Cringly, "An organization 
calling itself STOP (Software Theft Opposition Project) 1 ' is 
"looking for people who illegally copy software for fun or 
profit" to volunteer for a study to discover why pirates do the 
things they do. STOP claims "Although you will be asked to give 
us your real name and phone number, we guarantee that this 
information will be kept completely confidential". 

Most people are a mix of personality types, and most pirates 
will fit into more than one category. Still, understanding what 
motivates a pirate can provide clues to successful software 
protection. 
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Chapter 2 
The Sources 


Where does it all begin? Where are the sources that supply 
pirates with their goods? How can pirates often have products 
well before they are available in stores, sometimes even before 
they have been announced to the public? There are variety of 
answers to these questions. ThiB chapter discusses some of the 
most common sources. 


Purchasers 


Purchasing is the aost obvious source for software, but it’s 
probably the lest used aaong computer pirates. They avoid this 
method for several reasons. First, it’s the slowest, since 
speoial ordering a just released or newly announced product can 
take a long tine. New or unreleased software is the most highly 
prized aaong pirates, so aost aren’t interested in software 
that’s already available in stores. Purchasing is risky for a 
pirate, because he may be registered with the product’s serial 
number at the tine of purchase. If illegal copies bearing that 
serial number are found in circulation, the source is easily 
tracked down. It’s the most expensive method. Lastly, purchased 
copies are the hardest to back up, since all the protection is 
intact. 

A purchaser has some advantages. He gets a complete set of 
documentation, and company support if assistance is needed. He 
reoeives a version without extra bugs accidentally added to the 
program by the person who broke the protection. These are oruoial 
points when working with business or productivity software. 

Since these areas are of minimal importance for most game 
software, games are usually obtained from other sources. 


Samples k Beta Versions 

Surprisingly, many companies who seem oonoerned about piracy 
release totally unprotected copies, called beta copies, of their 
software for testing and samples. Some companies give out 
unprotected copies to reviewers to avoid any problems the the 
protection might cause the reviewer, and to prevent the reviewer 
from mentioning the protection in his review. Judging from the 
number of unfinished programs, or programs labeled "preliminary 
version" or "for demonstration only, not to be sold", available 
in the pirate community, beta and .test copies are dearly getting 
into pirate’s hands. 
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The old Atari management was probably the worst at thia kind 
of offense. They had a program where unprotected game software 
was distributed to high school students for review. Naturally, 
this unreleased software was excellent trading material, and so 
spread very quickly. Thia practice destroyed the market for a 
good number of games created by Atari programmers or thosn 
companies (like Lucaafilm) who were marketing their softwara 
through Atari. The "new" Atari Corp. seems to have solved most of 
these programs. 

One popular ploy is for a potential pirate to call a softwara 
firm claiming to be a dealer or reviewer. He requests a free oopy 
to demo at his store, or to write up a review. These taotios 
rarely work on large publishers, but an independent programmer 
selling his own software could be tricked into giving away 
complete copies to pirates. 


Software Company Insiders 

Frequently, company employees are given preliminary copies of 
software for testing purposes. These oopies have no protection 
and are usually kept as diBk files until the final, protected 
versions are ready, at which point the software iB placed on a 
boot disk, cartridge, etc. Surprisingly often, these preliminary 
versions make their way into the hands of pirates. Since they are 
unprotected and easily transmitted over a modem, they spread 
around the country (even the world) very fast. In rare cases this 
can work to the companies advantage. If the program is far from 
completion, but still looks very good, it can whet the appetite 
of potential buyers. Usually, however, the program is virtually 
complete, and advance oopies can destroy the market before the 
company even has a chance to make a sale. 

Company leaks allow the pirate community to obtain many 
programs that are available through no other channels, especially 
program that were never officially marketed. This actually 
entices many people to go into piracy. 


Hardware Comnsnv Insiders 

Computer manufacturers like to show potential buyers an 
abundant selection of software for their machines. Sometimes thia 
desire to show buyers how much quality software is available has 
led to piracy. Software companies often supply hardware vendors 
with programs (even before general release) for testing purposos 
and marketing assistance. Hardware company employees have boon 
known to circulate pirate copies of both their own and other 
companies software, as well as tes.t copies of software from third 
party vendors. Apple Computers, Inc, is a well known example of 
this problem. In a reoent investigation, reporters from InfoWorld 
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obtained over $1100 worth of illegally copies software from a 
single Apple employee, including a copy of an unreleased 
spreadsheet from Microsoft, called Excel. None of the programs 
were copy protected. The employee admitted to frequently making 
pirated copies of programs, and trading with other Apple 
employees. 

This kind of piracy has destroyed the market for some 
programs even before they were released. In 1984, Don Brown of CE 
Software sent pre-release copies of several software programs to 
a hardware manufacturer and another third party software 
developer. Within weeks, copies of the program appeared on 
bulletin boards around the country. They began to receive 
technical support questions well before the products were 
released. Brown said "It ruined the market for the product.”, and 
he was forced to abandon attempts to sell the product through 
retail outlets. 

Although most hardware oompanieB may take an official hard 
line against piracy, few will actually do anything about it. It 
is best for them if a lot of software is easily available for 
their machines. Large quantities of cheap (or free) software is a 
good selling point. Some buyers have been known to select a 
particular brand of computer on the basis of access to pirated 
software. 


Other Sources 

Any time a pirate 1 b exposed to an unprotected oopy of a 
program, there’s a chance the program will be stolen. Some of the 
most common places where a pirate ban get a copyable program are 
listed below. 


Computer Store Employees 

A pirate working in a store has the opportunity to copy and 
distribute all the programs in the store (complete with 
documentation), as well as any samples, demos, and pre-release 
copies a store might receive. 


User Groups 

Only a few user groups are actually pirate groups (see 
Distribution Methods). User groups are often given pre-release 
software for evaluation and testing. If just one pirate getB an 
unprotected version of that software, it can quickly spread 
throughout the pirate community. 
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Libraries, Schools and Software Rental Firms 

Most software companies know that schools are frequently 
involved in piracy. Teachers will make copies of a program fm 
entire classes, and the students will make copies of Ulnae 
copies. Some libraries have begun to carry software. A pirate 
will simply borrow the software and documentation, oopy H, amt 
return it. 

Software rental firms also loan out complete oopiea of 
programs, including all the documentation, for a fee. Ideally, a 
user will rent several programs, try them, then purchase a copy 
of the one he likes best. But pirates can simply rent t.lm 
software, copy it, and return it. Some firms are "fronts" nr 
"covers" for pirate profitiers, who "rent" homemade oopies that, 
don't have to be returned. 


Work Locations 

Business software 1 b usually purchased by oompanies for eaoh 
legitimate user. However, employees have been known to make 
oopies for personal use and trading material. 


Shows 

It's surprising how often software still months away from 
completion is stolen or copied from displays at trade shows. Some 
vendors remove the disks after loading the software, and many 
shows restrict admission to those 18 and older, but shows 
continue to be a source for many advance copies and preliminary 
release versions traded in pirate circles. 


Conclusion 


With the large number of sources open to pirates, it’s not 
surprising that piracy is as widespread as it is. Although it’s 
impossible to close off all a pirate’s sources, software 
producers should try to reduce the risk in every area. One good 
way to discourage software company insiders from pirating la to 
give employees with access to unprotected software a percentage 
of the income generated from software sales. This gives them a 
personal interest in keeping the program away from pirates. That 
practice, in addition to careful employee screening procedures, 
will go a long way towards reducing the piracy problem. 

When dealing with hardware companies, securing a non¬ 
disclosure agreement before delivering software is essential. 
Also, be sure the program code itself is clearly marked "Not for 
distribution". This warns them not to give away oopies, and 
provides you with legal recourse if they do. 
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Exercise caution whenever providing a pre-release, demo, or 
review copy. Create special limited use or partially functional 
versions to use as free demos. Distribute review copies directly 
to editorial offices or established reviewers. 

Most importantly, never release an unprotected copy, unless 
you wish to forego copy protection. 
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Chapter 3 

Non-Electronic Distribution 


Once pirates obtain software! they copy and distribute it to 
others by various leans. The techniques they use to Bake copies 
vary depending on the type of software protection and 
documentation. The methods used to copy software are covered in 
Section II of this book. The remainder of this section is devoted 
to the methods pirates use to distribute software. 

Since software pirateB are computer users, electronics play a 
major role in the distribution of pirated software, though some 
pirates find it quicker and more convenient to trade software by 
non-electronic means. Beoause piracy brings people together from 
very different backgrounds, it is not unusual to find someone 
over 40 trading with a high school student. Pirates have created 
many activities to make trading software easier and faster. This 
section will describe some of these methods. 


Individual Traders 


The easiest, and probably most widely used, method of 
distribution is individual pirates trading among friends and 
acquaintances. They get together and exchange software while 
discussing and demonstrating new programs. Baoh person nay have a 
small group of people with whom he (or she) trades. Although 
software spreads slowly at first, it rapidly picks up speed as 
more and more people get it and trade it to others. Pirates spend 
hours trading, and pass software along as soon as they get it. 
Often, it's exchanged only on the promise that it won't be spread 
any further. These promises travel along with the software as it 
goes from person to person, each person thinking it won’t hurt to 
give the program to one more person, as long as that person 
promises not to give it to anyone else. 


The Mail 3yaten 

The mail system is an extension of individual trading in which 
software and documentation is mailed back and forth between 
pirates. Obviously, this greatly extends the reaoh of individual 
pirates, allowing them to exchange software with people from all 
over the world. Fortunately for software producers, there’s 
enough distrust among pirates that this method is seldom 
offootive. Most pirates expect to receive other programs in 
exchange for copies of the software they have. They often 
hoMitnte to mail software to other pirates, because they have no 
assurances the other pirateB will return the favor. 
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User Groups and Pirate CrouDB 

Many people get involved with piracy through pirates they soul 
at users groups. Although most user groups officially discourage 
piracy, individual members have been seen trading oopyrightad 
material during meetings. Sometimes user group’s publio domain 
libraries inadvertently contain copyrighted material, and often 
even well-meaning user groups duplicate articles and programs 
from magazines without permission. 

So far the topic has focused on legitimate user groups, but 
many groups are formed with piracy as their major function. 
Pirate groups with names like the Pittsburg Pirates and National 
Atari Pirates Organization (NAPO) may have over a hundred 
members. They may publish newsletters describing the newest 
pirated software, lists of the software available to members, and 
Want Lists of titles not yet in their library. Some have 
membership fees and dueB that go towards maintaining a library of 
pirated disks, and making new purchases. Often the group will 
purchase special hardware like The Discovery Cartridge for use by 
group members. Some groups have well over 1,000 disks, each 
filled with copyrighted programs, in their library. 

The justification members use are like those used by all 
pirates. One unique pirate groups states that "The purpose of 
this group is for it’s members to provide off-site back-up 
service to other members". Other say they meet to help offset the 
cost of overpriced software, or even such lofty goals as to usher 
in a new era with free exchange of information, or to assist the 
"informationally deprived". 

The danger of pirate groups is that the distribution of 
software iB very organized. By pooling together the talents and 
purchasing power of the members, they can copy a large amount of 
software. Pirate groups also tend to encourage piracy by giving 
it an aura of social acceptability and making a large collection 
of pirated software a status symbol. A skilled hacker in a group 
like this receives the praise and encouragement of others, and 
the organized skills of the members means that software oan 
easily be distributed. 
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L’I rate Parties 

When a pirate invites other pirates from near and far for a 
day of copyingi they call it a pirate party. They bring as many 
systems and disk drives as possible, and quickly and effectively 
exchange a lot of software. This brings together enough software 
at one place that people are willing to travel relatively long 
distances to participate. Some pirate groups also use this method 
for exchanging software. It's used most in cases where special 
hardware is needed to make copies. 


Documentation 


So far, this software exchange seems easy. Just pop in a blank 
disk and off you go. But some software is worthless without the 
manuals on how to use it. Of course a Xerox maohine can help, but 
many pirates refuse to let documentation out of their sight, even 
for a short time. The difficulties involved in obtaining oopies 
of documentation make it one of the major stumbling blooks for 
pirates to overcome. 

Reoognizing this, companies have tried to make their 
documentation even more needed. They can implement various 
passwords, make the program more difficult or complex, or use one 
of the other methods detailed in Chapter 8, Other Protection 
Methods. If not for the problems documentation poses to pirates, 
piracy would be even more widespread than it is today. 


16 




Chapter 4 

Electronic Distribution 


INTRODUCTION 


The electronic distribution of software holdB many advantages 
for a software pirate. First and foremost is speed. Software can 
be transmitted around the world in a matter of minutes. 
Electronic distribution also makes distances a leBS significant 
obstacle. If line quality and long distance charges are not 
considered, software can be exchanged with a pirate in China as 
easily as it can go across the street. 

Another faotor is ease. A pirate oan put up an on-line 
bulletin board system and trade software with people from all 
over the country without even being at home. A user oan wake up 
at 4 AM and download programs without getting dressed, or 
disturbing the person sending him the software. 
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"Many people think of phone phreaks as slime, out to rip nil 
Bell for all she is worth. Nothing could be further from i Iih 
truth! Granted, there are some who get their kicks by making Ci»«* 
calls; however they are not true phone phreaks. Heal phone 
phreaks are "telecommunications hobbyists" who experiment, pier 
with, and learn from the phone system. Occasionally title 
experimenting, and a need to communicate with other phrnnha 
(without going broke), leads to free calls. The freo anile ate 
but a small subset of a >true< phone phreaks activities". 


The Magician (Noted Phone Phreak) 
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Phone Phreaks A Illegal Use of Phone Lines 


A phone phreak (or phreaker) is a person who uses a telephone 
in improper or illegal ways. "Phone Phreaking" is participating 
in these telephone related activities. Phone phreaking does not 
necessarily involve breaking into on-line systems, that activity 
is referred to as cracking. Cracking, hacking, and other 
activities closely related to phone phreaking are discussed in 
the next section. This section deals with phone use. 

Phreaking is closely associated with computer use. Although a 
computer is not required, almost all phreakers today use one to 
take advantage of the telephone systems special cirouitry. Some 
of the most common activities of a phone phreak are to "hack out" 
(use trial and error methods) telephone long distance access 
codes, trade aocess codes, and use access codes illegally to make 
long distance telephone calls, often to on-line bulletin boards. 
Most phreaking activities are performed for enjoyment or 
challenge rather that any kind of financial rewards. Most phone 
phreaks consider themselves telecommunications hobbyists. 

The phreakers who do get involved for financial reasons (free 
phone calls) are also the most likely to be involved with 
software piracy. A successful phone phreak is dedicated, 
resourceful, and intelligent. A phone phreak who wants to copy a 
program usually has no trouble breaking even the most 
sophisticated software protection scheme. A pirating phone phreak 
has the ability to transfer the broken copy easily and quiokly at 
little or no cost. As a result, phreaking is often associated 
with software piracy. 


Hacking (As Related to Phon e Phi-enkg) 

An enthusiastic phreaker can quickly run up a big phone bill. 
To keep the costs down, one of the most popular activities among 
phreakers is "hacking" out special phone numbers and long 
distance codeB. They also use "boxes" to route long distanoe 
calls through the phone company’s computers to avoid being 
charged for the calls (more about this under Phone Company 
Numbers). 

2600 Magazine is a magazine devoted to phone phreaks. It 
contains all kinds of tidbits and clues for hackers and 
phreakers. 
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2600 Magazine 
PO Box 752 
Middle Island, NY 
11953 

(516) 751-2600 


Phreakers have various sources for the numbers they use to 
make free calls. Some are the telephone company's own numbers, 
some are unsuspecting customers access codes. Before AT&T broke 
up, the telephone company charged high rates on long distanco 
calls (which are very cheap for the phone company), and used the 
money to make up for the lower rates on local services (which are 
more expensive for the phone company to maintain). After the AT&T 
break up, many companies jumped into the lucrative long distanoo 
market. 

Some of these companies leased long distance phone lines from 
AT&T, installed switchboards and computers, and offer long 
distance service for less than what AT&T charges. A customer 
calls the carrier’s local phone numbers, enters an acoess oode, 
and the company places his call. The local numbers are easy to 
get. Phreakers hack out the individual access codes, then use 
them when making long distance calls, so someone else gets the 
bill. 


Phone phreaks have developed many different techniques of 
hacking out these numbers. The most obvious method is the "brute 
force" method, where a phreaker starts with a number (like 
111111) and tries a series of numbers in order (111112, 111113, 
111114, etc.) until he stumbles across a few which work. This 
isn’t very efficient, but most phreakerB know a few tricks to 
make it go much faster. For example, they know how many digits 
are in a valid code, and what numbers they usually start with. 
They often use computers to hack out the numbers for them. This 
kind of repetitive work is perfect for computers. Usually several 
good codes can be hacked out each night with a brute force, trial 
and error method, using a computer to dial and try the codes. Any 
autodial modem can be used with a simple program to check the 
results and redial. They trade working numbers with other 
phreakers, so one number can be traded for several others. 

Some phreakers know enough about the numbers to develop 
formulas which create many valid numbers from one. They Btill 
must test each number by trail and error, but most of the error 
is gone. Others apply these same techniques to charge card 
numbers, then attempt to use these fraudulent numbers to order 
merchandise, or charge long distance network usage. 
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Phone Company Numbers 

Another popular phreaking activity involves investigating and 
manipulating the phone system. The phone company has special 
numbers that are used for a variety of different things. 
Phreakers use ANI numbers to identify the phone number of the 
telephone they are calling from. This may sound a bit strange, 
but many phreakers don't like to make illegal long distance calls 
from their own phones. 

A loop is a circuit that telephone linemen use to test phone 
lines. One phreaker calls a number that connects him to one side 
of the loop, and another calls the other end. The two calls are 
connected, and the phreakers can talk. When they contact each 
other on a loop, they don’t have to give out their home phone 
numbers. Some conference loops allow many people to call and talk 
together at the same time. Phreakers use these loops for 
meetings. 

Loops oan be local or national. Phreakers use national loops 
to make free phone calls. One phreaker calls the local end of the 
loop, the other calls the national end collect. The first 
phreaker is waiting on the line, and readily agrees to aooept the 
charges. Since the charges are billed to the loop number, the 
phreakers can talk for free. 

Phone phreaks use boxes that generate tones to fool the phone 
company's computers. One popular trick is to call a toll free 800 
number. When a call is placed to an 800 number, the local billing 
company will not charge the caller. Then, when the 800 number is 
ringing, before anyone has a chance to answer the phone, the 
phreaker uses a box to send a tone down the line. This makes the 
machine at the other end of the circuit think the caller has hung 
up before the call was answered. The caller’s end of the circuit 
is still aotive, so the phreaker can send tones through the line 
that will route his oall anywhere in the world. When the 
receiving party finally picks up the phone the call information 
will be sent baok to the billing computer. But the billing 
computer still thinks the caller dialed an 800 number, so it 
throws the billing information away. The result is a free phone 
call. 


Blaok Boxes. Blue Boxes■ and Other Kxotic Hardware 

Boxes are the tools of the trade for phone phreaks. Although 
the ST is capable of generating the sane tones and doing the sane 
jobs, and pirate bulletin boards may offer several different 
software programs that imitate these boxes, they are still 
popular tools for Phreakers. 
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BLACK - Also known as a "MUTE" box, this box causoa the |iIhhin 
company’s computers to think that a call was never answered, ■>• 
it’s never billed, but allows both parties to Imvn a 

conversation. This was the first of many Phone Phronk bunas 
There’s more information about black boxes in the following 
section. 

BLUE - Gives the user the power of a long distance operator. II 'a 
very powerful for routing an directing calls. AT&T has found a 
way to detect these, so they are almost always used from pay 
phones. 

RED - Imitates the tones generated by a pay phone when ooina nre 
deposited. This tricks the phone company's computer into thinking 
that coins are being inserted. It reduces the cost of oalls (ovan 
overseas calls) to 5 c for 3 minutes. 

PURPLE - Combines all the functions of a red and a blue into ona 
box. 

BEIGE - A device that imitates a teletype machine. 

WHITE - Generates the tones equivalent to a touch tone pad. It’s 
used for autodialing. 

GRAT - Equivalent to a touch tone pad with 16 keys. It operatoa 
at 1633 Hz. 

BROWN - Combines many functions of the others into one box. It 
always contains at least the equivalent of a purple and a gray. 
This is the most powerful device currently in use. It’s crystal 
controlled, and very stable even under temperature and power 
changes. 

YELLOW - A 26000 Hz generator, used as a simple "MUTE" device 
(see below). 

GREEN - This is used by a person called from a pay phone to give 
the caller back his money. It can also make the phone oolleot 
coins, and ring back after the caller has hung up, though the 
call must be made from a pay phone. Some use this in conjunction 
with a red box, so the caller gets his quarter back. 

"MUTE" - Any device used at the receiving end that makes the 
phone company think the called party never answered, but still 
permitting conversation. A black box is the most famous of those 
"MUTE" devices. 
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De tecting Boxes 

In the eyes of a phone phreak, these devices all have one 
flaw. The phone company can find the receiving party’s number. 
Although the phone company can’t really do anything to the 
receiving party, they can harass them for information about the 
caller. Therefore, it’s best not to use these boxes for calling 
your mother or your boss at work. 

The phone company is implementing two new systems, known as 
ESS and CCIS. They are making life harder for phone phreaks. ESS 
stands for Electronic Switching System. This system can trace a 
phone call in a matter of seconds. Without ESS, tracing takes 
many minutes. This forces phone phreaks to restrict the length of 
their calls, and that’s a problem when downloading files. CCIS 
stands for Common Channel Interoffice Switching. This system 
allows the phone company to send the control signals over a 
separate line, instead of using tones on the voice line. In area 
where CCIS is installed, a blue box will not work, unless the 
call is to or from an area without CCIS. 


The Anatomy and Use of a Simple Black Box 

Black boxes are the most heavily used because they are 
extremely easy and inexpensive to construct. In fact, starting 
with an ATAT phone, a simple black box will cost under $5. Of 
course, using a black box is a criminal offense, so it's not 
advised, even for educational purposes. 

All that’s required to build a black box is an SPST toggle 
Bwitch, two 6" strips of wire, and a 1/2 watt, 10* resistor. The 
phreaker gets his parts from any electronics store, and solders 
the two strips of wire to the switch. He then removes the bottom 
of the phone and the plastic case to find the network box. The 
network box is in the approximate center of the phone, and has 
labeled terminals with wires attached. It’s a simple matter for 
him to attach the resistor between the "F" and ”RR" terminals, 
and connect one of the wires from his switch to the ”RR" 
terminal. Now all that remains is for him to disconnect the wire 
that originally ran to the "F" terminal, and attach it to the 
other side of his switoh, which is then run out of the back of 
the phone. 

Once assembly is complete, the phreak will set the Bwitoh to 
the NORMAL position (where a dial tone can be heard) and arrange 
for a friend to call him long distance at a specific time. When 
the phone rings, he lifts and drops the receiver as fast as 
possible (to stop the ringing), then flips his switch, and picks 
up the phone to talk free of charge. When he’s done, he hangs up 
the phone, and flips the switch back to the NORMAL position, 
ready for it's next use. 
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WARNING - The phone company can randomly check for black boxos. 
Persons caught using these devices may be subject to criminal 
prosecution. 


How It Works 


When someone calls long distance, the billing starts when the 
phone is answered. The phone company knows the phone was 
answered, because a return voltage begins to flow as soon as the 
receiver is lifted. The resistor in the black box cuts this 
voltage down to a point where it is too low for billing to begin, 
but still high enough to work the mouthpiece. When the receiver 
is quickly lifted and dropped, the ringing is stopped, but the 
receiver is not off the hook long enough for billing to start. If 
the receiver is lifted for one full second, billing begins. The 
call will be disconnected when the phone is hung up and the 
switch is flipped. 

More elaborate black boxes are fully automated, so timing is 
not important, but they are much more complex to build. 


Cracking 

Cracking is illegally accessing on-line computers. The movie 
War Games . about a teenager who breaks into the Defense 
Department’s computer system, brought oracking into the 
limelight. There was a large increase in cracking activities 
after the release of the movie, but it also served to alert 
systems operators to the dangers. Cracking is closely related to 
on-line protection, which is discussed in Chapter 6. 

Some amateurs were surprisingly successful. Six months after 
the movie was released, a dozen people in Milwaukee, WI, ranging 
in age from 15 to 22, broke into the computers in a nuclear 
weapons laboratory in Los Alamos, a Los Angeles bank, and a dozen 
other firms in the US and Canada. One of the group members said 
"It didn’t take too much intelligence to get into the things". 

Like other computer users, crackers and hackers form dubs. 
Bill Landreth, a.k.a. The Cracker, and a friend formed a now 
famous group, The Inner Circle. He began breaking into systems 
when he was fourteen, and was caught by the F.B.I. when he was 
seventeen. In his book, Out of the Inner Circle , he tells of his 
first experience in cracking into a system. A friend had givitn 
him the number of a local firm’s computer. He called the system, 
and began trying passwords. He called twice and tried using first 
names, with no luck. He says "My third try was LEE. Against odds 
no gambler would ever bet on, it worked... three tries with no 
clues, and I hit on a valid account/password combination." 
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Most hackers are not destructive, they just enjoy exploring 
large computer systems. If they have the time, they will often 
spend as much as 60 or 70 hours a week hacking. They may oraok 
only four or five new systems a year, and most of these accounts 
will die within six months. By trading information, a hacker can 
gain access to two dozen or more different systems. Most hackers 
despise people who destroy data or files in computer systems. 
When a user ID and password are abused, the systems personnel 
will discover the damage and cut off that account. The hacker 
will no longer be able to use the system unless he can crack it 
again. 

Hackers often set up private bulletin boards, to post and 
exchange information and messages. An experienced cracker is a 
seourity expert, so these boards usually have elaborate on-line 
security systems (see On-Line Protection). This kind of bulletin 
board was the primary communication channel between the Inner 
Circle members. Less exoluBive hackers will trade information 
over public bulletin boards, and occasionally over public 
information services, Buch as Comp-U-Serve. 

In his book, Bill described the different kinds of hackers. 
"Novioea" are attracted to hacking beoause it seems like fun 
mischief. They usually don't get too far, and quickly become 
bored. "Students” enjoy exploring the system, and learning as 
much as they can about they way it operates. "Tourists" enjoy 
the challenge of breaking in, once they have succeeded they are 
usually not interested in exploring the system any further. 
"Crashers” are deliberately destructive, their sole intent is to 
see how muoh damage they can cause. Most other hackers don't like 
Crashers. A "Thief" will gain access to a system to steal 
valuable data. Often he works for the company he is stealing 
from. 

For people who want to be hackers, but don't want to break the 
law, Activision has a partial solution. In September 1985 they 
released a game called Hacker, which simulates a computer break- 
in. It comes with virtually no instructions, and when booted, 
presents the player with the message "Logon Please”. The object 
of the game iB to gain access to the system and discover illegal 
aotionB by the company whioh own the system. The game scenario is 
aotually nothing like a real system, but it may be a refreshing 
ohange of pace. 
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Pirate Boards 


The Front Operation 


Bulletin boards are a popular way for many pirates to oxohnngn 
software. Since piracy is illegal, many pirates hesitate to post 
notices referring to piracy or illegally copied software on 
public information services such as Comp-U-Serve. A pirato who 
leaves a message on an independent bulletin board risks tho wrath 
of the sysop (system operator). Because of the dangers in "optin 
waters”, pirates set up their own bulletin boards. 

At first, a pirate board looks just like any other board, 
except that it seems very small. There’s a few old publio domain 
files to download, and a few old messages. It appears to bo a 
very dull system. Most browsers log on, look around, and leavo. 
They’ve seen the "front operation", but they can’t get at what 
lies behind it. The front is a cover, set up to discourage 
curious tourists from examining the board any closer. 

Pirate boards usually have layers of security, so without an 
access code, all a caller will see is the front. An inquisitive 
caller may wonder how a board so empty can have four full disk 
drives, but unless he tries to crack the system, or leaves an 
intriguing message for the sysop, he’ll never know what'B there. 
With the right acoess code, a user can get past the front. Tho 
higher the user’s security level, the more he can access on tho 
board. Some boards have many different levels, so only pirates 
with the highest codes have access to the most valued software. 


Inside a Pirate Board 


A pirate board is the software pirates treasure chest, and tho 
boards phone number is the key. The boards post listings of 
other pirate boards, chaining together a worldwide "underground" 
network. Some poBtings include specially worded messages; "keys" 
for new pirates to get past the front on other boards. 

The biggest prize among pirates is software, and largo, 
popular boards, or boards visited by insiders, have plenty of it. 
Most of the files are broken copies of programs, beoausa 
protected programs are hard to transmit (see Transmitting 
Protected Programs). This means a pirate can make an unlimited 
number of copies of the programs he downloads. 
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Even the newest releases quickly appear. These unprotected 
copies can include nuch of the information that cornea with a 
purchased copy. Gilman G. Louie, CEO/Chairman of Spootrum 
Holobyte Bays "Within 30 days of releaseing FALCON ST, pirates 
had put the product up on bulletin boards - oomplete wiht 
diagrams for the code wheel protection, keyboard layout, and 
mission maps!" 

In addition to programs for downloading, most pirate boards 
also post listing from the sysop and other pirates willing to 
trade. These listings are called Want Lists and Available Lists. 
Want Lists are lists of software that a pirate, or the sysop, is 
looking for. Software on a Want List is usually something a 
pirate will go to extremes to try to get. They are almost always 
brand new, unreleased titles, or rare older programs. The 
Available List shows what the pirate has to trade for itemB on 
his Want List. He may often trade many older programs for one hot 
new title. 

Pirates also use a seotion of their boards for Classified Ads 
to buy, sell, or trade. Some pirates buy blank disks from mail 
order houses, in large enough quantities to get discounts. They 
will then offer the extra disks for sale, at prices far less than 
most computer stores can afford to charge. Some pirates sell used 
software, others post ads to buy or sell used hardware. A few 
will sell pirated copies of software, or photooopies of 
documentation. 

Pirate boards are often used by hackers, orackers, and phone 
phreaks to communicate and exchange information. Crackers will 
post phone numbers of oomputer systems. Occasionally, they will 
post listing of IDs and passwords for Comp-U-Serve and other 
public information services, public or private bulletin boards, 
and other private computer systems. Mqst publicly posted IDs are 
abused, so when these are left, it’s usually on one of the 
highest security levels. Crackers will also leave dues for other 
crackers who post messages asking for help. 

These boards often have lists of various numbers. Sometimes 
there are lists of ATAT calling card numbers, sometimes they have 
lists of access codes for MCI or other long distanoe oarriers. A 
few even post listings of stolen oredit card numbers. 

Phone phreaks often trade information over pirate boards, 
posting the newest information on black boxes and other hardware. 
Occasionally, information on cable descrambler boxes will appear. 
A user who needs help in building a box can get plenty by leaving 
a message. 

Even the FBI has gone into the BBS business. They have set up 
systems to oatoh law breaking users. These "sting” operation are 
disoussed in "Cracking Down on Sysops". 
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What's in a Name? Naming to Deceive 

and Tro.ian Horae Programs 

You can't judge a book by it’s cover, and you can’t Judge n 
program by it’s name. A popular practical joke is to take a las* 
than popular program and palm it off as something it’s not. Often 
these programs are disguised as a hot new program that many 
traders would like to get. For example, a pirate might choose n 
popular new video game, and find an unprotected copy of another 
game based on the same idea. Next he renames the file so that it 
has the same name as the new game. An elaborate pirate might go 
so far as to change the introduction screen to display the now 
name. He then uploads the program in exchange for other software, 
or posts it on an Available List, and tries to trade it with 
other pirates. 

A far more dangerous kind of deception occurs with programs 
downloaded from bulletin boards. These Trojan Horse programs aro 
described as performing one task, but really do something quite 
different, usually something destructive. One such program has 
appeared on several bulletin boards around the country. A New 
Jersey executive had a disastrous experience with the program, 
written for IBM computers. At the time, he had over 900 programs 
stored on his 20 meg hard disk. He logged on to a local bulletin 
board one night, and downloaded a program which promised to 
improve his computer's graphics. He sat back to watch the program 
work. Instead of great graphics, all 900 programs vanished, 
leaving only a simple message - "Arf! Arf! Got You!". 

Trojan Horse program have been popular campus jokes for quite 
some time. Other "jokes” include program with worms, programs 
infected by viruses, or programs with bombs that work two or 
three times, then gobble programs or format disks the fourth time 
they are used (see Chapter 9, Viruses, Worms, and Logic Bombs). 


Cracking Down on Sysops 

Electronic communication is a brand new area with a vast, 
untapped potential. Because this area is so new it currently 
resides in legal limbo, as the courts and legislatures struggle 
with the legal problems posed by this new form of communication. 

Freedom of speech and of the presB iB guaranteed to all 
American citizens by the United States Constitution. But evon 
this broad protection comes with Borne limitations. It’s illegal 
to publish newsletters of stolen charge card numbers, and it’s 
illegal to mail such a newsletter to subscribers. Yet something 
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very similar happens hundreds of tines every day all aorouN the 
United States. Instead of being printed on paper and sent through 
the U.S. Mail, it happens electronically through bulletin boards. 
This poses an obvious dilemma for law enforcement officials, 
sysops, and innocent victims. 

Newspaper editors are held responsible for what their 
newspaper prints, so a logical solution would be to hold sysops 
responsible for the material that appears on their boards, but 
the matter is not so simple. First, a sysop cannot censor all 
electronic conversation on his board at all times. It is 
unreasonable to expect a sysop to check each new public message 
each day for potentially offensive or illegal information. Many 
boards allow multiple users to be logged on simultaneously, and 
no one person could possibly monitor all that. Even when a sysop 
makes every reasonable attempt to censor public messages, the 
question of what to do about private messages remains. A private 
message should be read only by the person to whom it is 
addressed. Anything else is a violation of the sender’s rights. 
Postal employees are not allowed to read conventional mail, 
electronic mail users should have the same rights to privaoy. 

Censoring does not solve the problem. Censoring does oreate 
an added burden for honest sysops, and threatens to thwart the 
growth of electronic communication. 

The sysop is in a no-win position. On one hand, he must 
respect his user's right to privaoy. On the other, sysops have 
been held liable when illegal information has been posted on 
their boards. In one case involving the posting of a stolen 
charge card number, the sysop was convioted on criminal charges, 
and later was sued for oivil damages by the person whose number 
had been posted. 

The issues of privacy and aocess to information can present 
thorny problems, even when the information in question iB legal 
and available to the public through other means. Dunn A 
Bradstreet On-Line Sources supplies financial information and 
ratings on companies through several on-line services. In 
November 1987, DAB notified these services that oertain 
"entities", including labor unions and the IRS, were to be denied 
aocess to D A B data. The services complied immediately. 
Naturally, the unions (including the AFL-CIO) were angry, and 
olaimed the denial of access violated federal laws, especially 
sinoe the information was still available to them on paper 
through D A B offices. And the unions weren’t the only ones 
upset. Others, whose financial information appeared in the DAB 
data, were not aware that this information was available without 
thoir knowledge, and were furious that these "entities" had 
aooess to the data at all. As a compromise, the services restored 
koooss temporarily, but eventually cut them off again, this time 
in a "more oorreot manner". 
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To protect the telecomputing population and innocent sysops, 
several bills protecting electronic information from unwarranted 
searches and seizures have been proposed (see New trends in 
Software Law). Most are designed to provide telecommunications 
with the same protection afforded voice phone calls under the 
Federal Wiretap laws, and permit law enforcement officials access 
to private telecommunications only when probable cause is 
present. 

Pushed into a corner by tougher legislation protecting 
electronic communication, and pressure to crack down on computer 
crime, law enforcement officials have begun to use tactics whioh 
some people find questionable. The Austin Police Department (in 
Texas) set up a bulletin board called the Underground Tunnel. 
Sgt. Robert Ansley, calling himself Pluto, ran the board for over 
two years. Using information obtained from messages left on the 
board, the police department closed two pirate boards, though no 
one has been arrested because of involvement with the sting 
operation. 

The police department insisted they had been extremely oareful 
to avoid solicitations or entrapment of any kind, and stated that 
the messages on the board had been scripted in conjunction with 
the district attorney’s office. Still, many innocent users were 
startled to learn the board had been an undercover police 
operation, and were understandably concerned about the privacy of 
mail left on the board. 

The revelation that the Austin board was a sting was 
startling, but police investigations of bulletin boards is 
rapidly becoming widespread. Police in Fredmont, California, 
arrested eight persons for credit card fraud, misuse of telephone 
credit card operations, and technical trespass after a 3 1/2 
month bulletin board investigation. 

In Btill another case currently pending in a New York Federal 
court, a teenage hacker is accused of running a pirate bulletin 
board. His parents are being sued for his pirate activities. 
Attorney John Wallace, representing the plaintiffs, claims the 
parents are liable because they knew or had reason to believe 
their child was operating a pirate bulletin board. 

Congress is also considering stricter laws for sysops. The 
Computer Pornography and Child Exploitation Act (S. 1305) would 
make it illegal to transmit sexual obsoene material of children, 
and set up penalties for sysops who knowingly engage in that 
activity. Naturally, this bill would not affect the vast majority 
of bulletin boards. Legislators across the country are 
considering many other computer laws, including some which affeot 
telecommunications. These laws and their ramifications are 
discussed in full in Chapter 7, The Law. 
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B.v alawtA Legal Guide for Sysops is a 100 page book writton by 
two attorneys who are sysops. It outlines a sysops legal rights 
and responsibilities) including topics such as posting 
copyrighted material, when a BBS involves payment, and viruses 
nnd lawsuits. The book is $19.00, plus $2.00 shipping and 
handling, as is available from: 

LLM Press 

150 Broadway Suite 610 
New York, NY 10038 
(212) 766-3785 
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Problems Por Pirates 


Documentation 


Lack of documentation can be a deterrent to pirating in aomo 
situations. Game software usually doesn't require any 
documentation to be used successfully, but utilities and 
productivity software often do. Printed documentation is easily 
duplicated with a photocopy machine. An office employee with 
access to a copy machine can make an unlimited number of free 
copies. Inexpensive personal copy machines are becoming more and 
more popular, permitting pirates to make inexpensive copies in 
the privacy of their homes. 

Printed material, however, cannot easily be copied and sent 
over the telephone lines. It must be mailed. From a pirate's 
perspective, this isn’t a very convenient or reliable method of 
exohange. 

Documentation in the form a of a word processor data file is 
easy to transmit over a modem along with a program. The problem 
with this method 1 b that the entire documentation must be typed 
in, and piotures and diagrams are usually lost. Some clever 
pirates have used graphics charaoterB and picture files to avoid 
this pitfall. In spite of the problems involved in converting 
printed documentation into a disk file, they are fast becoming 
available on many pirate boards. Some documentation files are as 
highly prized as the program itself. 


Transmitting Protecte d pr-ngramn 

Using modems to transmit files to and from Atari computers is 
a popular pastime. Sources like Comp-U-Serve and Atari bulletin 
boards transmit thousands of files every day to locations 
throughout the country. Many software pirates use modems to trade 
programs over long distances. These programs are usually broken 
down into unprotected files. Whole disks of data can also be 
transmitted on a sector by sector basis, or the program can be 
packed down into one large file, transmitted, and expanded at the 
other end. A serious drawback - from a pirate’s point of view - 
is that it’s not easy to send a protected program this way. Even 
a program with simple bad sectors cannot be transmitted with any 
common software. 

One solution pirates use is to send the whole disk in the 
mail. This is certainly the easiest solution, but many pirates 
dislike waiting for the disk to arrive, and worry about 
accidental damage while the disk is in the mail. Pirates also 
expect programs in exchange, and distrust other pirates. 
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Transmitting a program via modem overcomes these problems, but 
this can be expensive if it’s long distance. It’s possible to cut 
down on the transmission time by using a data compressor to 
shrink down the program. Then it can be transmitted and re¬ 
expanded at the other end. 

Of course, some people use phreaking methods (see Phone 
Phreaking) to avoid these charges altogether. For them, 
transmitting a program is and excellent solution. 

There are only a few ways to transmit a protected program. The 
simplest way is with the aid of a hardware device-' which can 
capture an image of the program. Both the sender and receiver 
need to have the same image-capturing package. The person 
transmitting the program first captures an image of the program 
as it runs, and saves that image as a file. Then he transmits it 
JubI like an ordinary file. The person who reoeives the file uses 
it with tho image-oapturing program to restore it. Of course, 
this teohniquo is restricted to software that works with the 
image-oapturing program. 
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Introduction 


This section discusses software protection methods. The 
protection methods are divided by the media on which the software 
and protection code is stored; disks, cartridges, hardware data 
koyB, on-line protection, and general and miscellaneous methods. 
Each segment discusses the techniques used by both pirates (to 
break the protection) and software publishers (to prevent 
illegal copies). 

All forms of protection are intended to do one or both of 
two things. First, and perhaps most important, is to prevent 
users from making and/or distributing illegal copies. The second 
is to prevent the UBer from listing and modifying the program. 
The goal here is to protect programming secrets. Software code 
protected in this fashion can be classified as a Trade Secret. 
This also prevents others from copying routines (or the entire 
program), making minor modifications, and marketing the slightly 
modified version (sometimes called a clone). The methods used to 
achieve both these goals are discussed in this section. 
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Introduction 


The goal of software protection is to insure that only 
original, purchased versions of a program will run, and that 
illegal copies won’t. Obviously, this conflicts with the user’s 
desire for a working back-up copy. The main method of insuring 
that only purchased, original versions of a program will run is 
to have the program check for a non-reproducible key. 

A good copy protection key isn't easy to duplicate, remove, 
or circumvent. There’s three basic types of keys. The first is a 
key hidden in the documentation of the program (see Random Access 
Codes and Passwords). The second is a special piece of hardware 
that’s sold with the program (see Hardware Data Keys). The third, 
and most common type, is recorded on the disk with the program. 
This kind of key is called a disk resident key. 

Disk resident keys are a popular copy protection scheme for 
several reasons. They’re less expensive to mass produce than a 
hardware key, and harder for pirates to reproduce than a simple 
password table. Although users generally don’t like copy 
protection, a disk resident key is less cumbersome than other 
methods. Users don’t need to have documentation nearby for 
looking up and correctly typing in passwords, and they don’t have 
to locate a hardware key or insert it properly. 

This chapter discusses the most popular kinds of disk 
resident keys, as well as other techniques that make disk key 
protection even harder to break. Ideally, copying both the 
program and the key should be impossible, or at least not easy. 
To create this kind of key we have to play games with the mind of 
GEMDOS. 


About Disks 


Understanding how disk protection techniques and disk 
resident keys work requires an understanding of Atari ST disks. 
This section explains the basics of ST disks and terminology. A 
more technical treatment of this topic is included in Appendix A 
for the more advanced user. 
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Disk Layout 


NOTE: Normally only the operating system needs to worry about Ilia 
following items. 

All the data on a disk is stored as magnetic pulBoa on a 
brown plate, which looks like a tiny record album, inside the 
plastic cover. The places on the plate where the data is stored 
is determined by three numbers: the side number, the trank 
number, and the sector number. The three numbers together are 
called the address (like the address of your home). The address 
tells the computer where to find the data (just as your address 
tells the mailman where to deliver your mail). 

The pattern of tracks and sectors is called the format. The 
process of dividing the disk into the tracks and seotors, 
addressing the sectors, and setting up the FAT (described a bit 
later) is called formatting. 

The next few paragraphs describe the offioial standard format 
for Atari ST disks. Copy protection schemes often use different 
or unusual formats, but every format can be described in terms of 
sides, tracks, and sectors. 

A side is just what it sounds like, either the bottom or top 
side of the plate. The side number can be 0 or 1, indicating the 
bottom or the top. A track is a circular path on the plate where 
the data is written. Bach track is a separate, complete oirole 
(not like records which are recorded as a single spiral). Eaoh 
track is numbered from 0 (the first) to 79 (the eightieth). The 
track numbers start at the outside edge, and higher numbers mean 
the track is closer to the center. All data must be stored in a 
track. 


To keep the data in reasonably sized chunks, each track is 
broken into sectors of equal size. Bach sector is numbered from 1 
(the first) to 9 (the last), and is 512 bytes long. 

How much data can you fit on a disk with the offioial 
standard format? If we have 80 tracks on a side, and 9 sectors 
on each track, a single sided disk can hold 720 sectors, or 
368,640 bytes. A double sided disk holds double the data of a 
single sided disk, 1440 sectors and 737,280 bytes. But not all 
of the space is available for data. GEMDOS needs some space for 
itself. 

Each sector on the disk iB recorded as two separate pieces: 
an address field which holds the address, and the data field 
which (of course) holds the data. Each piece has a checksum after 
it. Checksum means adding up certain areas of memory, and 
comparing (checking) the total (sum) to a stored value. This 
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checksum is usually the sum of all the pieces of data, Ignoring 
any overflow. This is an easy way to check that the data uni rend 
correctly. This particular checksum is called a CRC (Cyclic 
Redundancy Check). The method used to calculate it is given in 
Appendix A. 

The official standard format requires specific information in 
the address field. Sach address field should contain the side 
number, the track number, the sector number, and a length of data 
number. Each sector on a track must have it’s own number (no 
duplicate sector numbers allowed). The track and side numbers 
must be the actual track and side that the sector is recorded on. 

As you can see, there are a lot of ways to change the standard 
format when creating a protection scheme. 


GBMDOS PartB and Terms 

As mentioned earlier, not all the space on a disk is 
available for data storage. GBMDOS needs some sectors to save its 
data, too. On a standard GBMDOS disk (either single or double 
sided) the first 18 sectors are devoted to GBMDOS data. If the 
disk is a boot disk, then additional sectors may be needed for 
the boot program (see Appendix A). 

These 18 sectors are divided up as follows: 


Logical 

Sector Length Description 

0 1 The boot Bector. This sector contains information 

that tells GBMDOS what the format is for the rest 
of the disk. This sector must be the first sector 
of the first track on the first side (track 0, 
side 0). 

I 10 The FATs. FAT stands for "File Allocation Table". 

There are two identical FATs for safety. GBMDOS 
updates both. The FAT records which sectors are 
used by files, which sectors are free, and which 
sectors are "bad". "Bad" sectors are usually 
detected by the operating system and marked in the 
FAT when the disk is formatted. 

II 7 The root directory. These sectors oontain the root 

directory for all the files on the disk. The root 
directory contains the names of the first level 
subdirectories and files not in a subdirectory. On 
a standard disk, only 112 names can be stored in 
the root directory. 

Appendix A contains more detailed information about the GEMDOS 
non lorn on a disk. 
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Protection Methods 


A disk resident key should be as difficult to find and copy 
as possible. To do this, it should be placed in an unusual spot, 
on the disk. A spot that’s normally unused and hard to oopy works 
best. 


DOS Standard Disk Techniques 

The simplest way to create a disk resident key is to make a 
disk that is almost, but not quite, standard. On this kind of 
disk, everything appears normal to GEMDOS, with several sectors 
marked "bad". If a sector is marked as "bad” in the FAT, GEMDOS 
will never use it. The software author can put the key value in a 
sector marked "bad". Since GEMDOS never looks at "bad" sectors, 
the standard Desktop copy (moving a disk icon on top of another 
disk icon) won’t work. The programmer can add a special read to 
the program to see if the key is present. The sample code 
READSEC.C (or READSEC.LST) on the disk included with this package 
will read a specific sector from the disk to do this kind of 
check. 

Another easy technique is to use the GEMDOS "hidden file" 
facility. If a certain bit ($02) is set in a file’s directory 
entry, the file is "hidden". The standard file selector and 
desktop windows won't display that file’s name. Only programs 
that know the name of the hidden file can open it. (The format of 
the directory sectors and directory entry is in Appendix A.) This 
prevents a pirate from making a back-up copy with the Desktop 
file copy. Since the hidden file doesn’t appear in the Desktop 
window, the pirate can’t copy it. When he runs the program, it 
still looks for the hidden file. If it doesn’t find the file, it 
knows the disk is a copy. 

These techniques provide only minimal protection. Any good 
sector copy program should be able to copy the entire disk, 
including any hidden files and "bad” sectors. 


Mon-Sta ndard Disk Techniques 

These techniques are an improvement on the ones described 
above. They UBe two kindB of "bad" sectors. The first kind is a 
"bad" sector that really can be read, but GEMDOS cannot do it. 
The second kind is a completely unreadable sector. These seotors 
are created when the disk is formatted. 
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To understand what bad sectors are, you first need to know 
what good sectors are. In the years that the ST haB been 
available, the standard (or "good") disk formats have grown to 
include the following list: 

80 tracks - 9 sectors per track - 512 bytes per sector 
(original Atari format) 

80 tracks - 10 sectors per track - 512 bytes per sector 

81 tracks - 9 or 10 sectors per track - 512 bytes per sector 

82 tracks - 9 or 10 sectors per track - 512 bytes per sector 

Certain floppy disk drives may not be able to read and/or 
write the 81*' and 82» a tracks. If you use these two tracks, a 
disk written on one machine may not work on another. All Atari 
drives should be able to read and write 10 sector tracks if they 
are maintained correctly. 

On a non-standard disk, one or more of the offioial standard 
format specifications are ignored. This produces an error code 
whenever a non-standard sector is read. The program reads the 
sector, and ohecks for the error. If the error is not found, the 
program knows the disk is a copy. The oode provided in RBADSBC.C 
reads a sector and reports the errors detected by the hardware. 
It bypasses the normal GEMDOS sector handling routines. 

The goal iB to oombine enough tricks and changes to make a 
track difficult, or impossible, to copy. This is where the 
oonstant battle between the software producers and the oopy 
program authors is fought. Some of the most common non-standard 
formats are described next. 


Bxtra Sectors 

One of the earliest tricks wa b the addition of one or more 
sectors to a traok. Only one track has the extra seotor(s). As 
the program loads, it looks for the extra sector. If it finds the 
sector, it assumes the disk is an original. This method is 
restricted to 10 (or possibly 11) sectors per track, because 
that’s all a disk drive can read. The 11 sector is not reliable 
(some drives may not be able to read the 11sector). 

The Desktop disk copy can’t copy disks with extra seotors, 
because it assumes there’s only 9 sectors per traok. But most 
sector copy programs handle extra sectors with ease. 
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Hissing Sectors 

Missing sectors are also one of the earliest protection 
techniques, A missing sector is a sector that simply isn’t there. 
It may sound odd to "create” something that doesn’t exist, but s 
missing sector is created by making a track with 8 or fewer 
sectors. Usually one of the middle sectors is omitted when the 
disk is formatted. The program tries to read the missing seotor, 
and checks for the proper GEMDOS error code (a -8). Once again, 
the Desktop copy won’t work because it requires 9 sectors par 
track, but most seotor copiers like Procopy easily handle this, 


Duplicate Sectors 

Duplicate sectors occur when more than one sector on a traok 
share the same sector number. GEMDOS file calls normally can’t 
get to data in the second sector, because GBMDOS assumes that 
each seotor has a unique number. 

The Desktop disk copy routines won’t copy disks with duplicate 
sectors, but most sector copy programs have no trouble with this 
format. 


Different Else Seotors 

This format depends on a feature of the disk controller chip 
in the ST. Although GEMDOS sets the seotor size at 512 bytes per 
sector, the controller chip is able to support 4 different 
sector sizes. These sizes are: 128 bytes per seotor, 256 bytes 
per sector, 512 bytes per sector (the standard GEMDOS size), and 
1024 bytes per seotor. 

You can change the size of the sectors, but you can’t change 
the size of the track. If the size of one or more sectors is 
changed, the number of sectors on that track will change, too. 
For example, if an entire track is formatted with 1024 byte 
sectors, only~5 sectors will fit on that track. GEMDOS can read 
only 512 byte sectors. This limit is enforced by code in the 
GEMDOS ROMs (see GEMDOS Parts and Terms). This means that a 
programmer can put the disk resident key in a Bector that most 
other programs will not be able to read. 


Sectors with Bad Addresses 

One interesting protection method is to change one or more 
parts of the address field. When the disk controller chip looks 
for a sector, it checks the track and sector numbers (but not the 
side number) to find the one it wants. The track and seotor 
numbers need not be anything like .the official standard numbers. 
This lets you create a disk with sector address fields that don't 
oontain the correct numbers. 
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This trick makes the tracks containing the aisnumborod 
sectors (or even the entire disk) impossible for GEMDOS to road. 
The official standard requires the sector numbers to range from 1 
to 9 (or 10). If larger numbers are used, GEMDOS can’t read tho 
disk. The Meg-A-Minute backup program (by David Small) used this 
technique. Another possibility is to misnumber the tracks. 

Reading data from a disk like this requires a little extra 
work. GEMDOS isn’t able to read the misnumbered sectors or 
tracks, so the programmer must write his own floppy disk handler. 
The controller chip must be given the altered numbers before the 
misnumbered sectors can be accessed. The correct numbers must be 
restored before the program can go on to another track. 

This protection technique produces disks that can’t be copied 
by the Desktop. The Desktop disk copy fails when it finds the 
"different" address field. If it happens to be on track 0, sector 
1 (the first sector), GEMDOS won’t even be able to determine the 
disk format. However, the smarter sector copy programs rarely 
have trouble with this method. 


Bad Sectors 

Bad Sectors cause real errors when GEMDOS tries to read them. 
These sectors really do have bad or unreadable formats. Different 
errors are possible. The three most common bad Bector formats 
are: Bad CRC values, Missing Data Field, and Wandering Bits. 

Bad CRC values means the checksums recorded after the address 
field or data field are wrong. When this sector is read, the disk 
controller chip indicates that the CRC value is bad. Usually this 
means that the disk is physically damaged. But when it’s used as 
a protection technique, the disk is really good. The program is 
looking for the "bad CRC" error from GEMDOS. 

A Missing Data Field error happens when two addresB fields 
occur together in a row, without a data field between them. When 
GEMDOS tries to read this kind of sector, it returns a -8 (seotor 
not found) error. 

The Wandering Bits format is a format where the data ohangos 
each time the sector or track is read. ThiB method oan be used 
with or without other errors. This kind of data is oreated by 
formatting only 1 sector on the track, or leaving the track 
completely unformatted. 
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Sector Gap Pattern 

This technique is very hard to detect. It’s created by writing 
a pattern in the gaps between sectors (see Appendix A). When the 
entire track is read, the values in the gaps are read, too. But 
what the drive reads nay not be what was actually written there. 
The hardware uses the gaps to find the starting point of tho 
sector. If the gap is filled with data, the disk drive nay not bo 
able to find the correct starting byte. 

If you can’t depend on the data, how can you check the key? 
Because the data is always distorted in a regular manner. For 
example, if a data pattern of "10 10 10 20 20 10 10 10" was put 
into a sector gap, it may be read back in as "33 33 33 54 54 33 
33 33". There is no relationship between the 33s and 54s, but 
every 10 was read as a 33 and every 20 as a 54. This regular 
pattern of distorted numbers is what program checks for. This 
protection technique is pretty good, because most copy programs 
default the gap values to $4E. It does, however, require careful 
programming to detect the patterns, and to verify them. 


Impossible Sectors 

The floppy disk controller normally can’t write oertain values 
in the address field. When the floppy disk controller is given 
these values during a format operation, it interprets them as 
instructions to perform special functions. That means sectors 
with these special valueB in the address field are extremely 
difficult to copy. These values trigger other commands only when 
the floppy disk controller iB formatting the disk, so sectors 
which already oontain these special values in their addresses are 
easy to read. 

These special values are from $F5 to IFF. The functions and 
uses of some of these codes are described in PiBk Track Format 
in the Appendix. One value ($F7) actually makes the controller 
write two bytes on the disk. These two bytes are the checksum of 
data up to that point. 

Creating a sector whose address field contains one of these 
values is tricky, because these values can't be passed directly 
to the floppy disk handler. But the floppy disk handler oan 
compute and write a checksum that is equal to one of these 
special values, To do this, the programmer carefully computes a 
checksum that just happens to be equal to one of the speolal 
values. When the floppy disk handler reaches the point where tho 
programmer wants the special value to be, he tells it to writo 
the checksum he computed earlier. This is one of the newest 
protection techniques. 
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Boot DiBks 


Boot disks are special animals in the Atari world. They havo 
special information in the first sector which causes a program to 
Btart and run by itself. A program like this may not run properly 
(or at all) if it’s started from the Desktop. 

The first sector of a boot disk has machine code which the ST 
executes before the Desktop gets control. This code can do almost 
anything, including take control of the entire ST. If it doesn't 
take complete control, it can still cause certain actions to 
occur. 

On a normal disk, the Desktop program starts automatically as 
the default. On a boot disk, the special information in the boot 
sector usually causes one of these three things to happen: 

1. Cause COMMAND.PBG to be run from the boot disk. Programs in 
the \AUTO\ folder run first. After the \AUTO\ folder 
programs are finished, COMMAND.PRO runs. 

2. Load a file or a string of sectors. Once again, all programs 
in the \AUTO\ folder run first. When they’re finished, the 
file or string is loaded. The number of sectors or the file 
name, the address they’re loaded at, and the address where 
the FAT is loaded is also included. 

3. Execute any other code that may be resident in the boot 
sector, 


Note that options 1 and 2 are usually done by the "normal" 
Atari boot sector code. You can replace the normal boot sector 
code with your own code, which can do anything (option #3). 

Boot disks in and of themselves don’t provide much copy 
protection. But by combining them with the methods discussed 
above, they provide a reasonable level of protection. If a boot 
program takes over the entire ST, no other program can watch how 
it runs, or how it checks for software protection. 

Taking complete control of the ST is important, because one 
way pirates steal programs is to capture an image of the program 
after the protection is checked. This image can be restarted over 
and over again. It won’t check the protection again, because the 
program starts running at the point where it was captured. This 
gives the pirate a totally unprotected copy of the program. If 
the boot program takes total control, it can reset certain fields 
in the ST to stop programs in the \AUTO\ folder from taking over, 
and prevent this copy technique from working. 
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Hiding The Protection Code 


Disk resident copy protection requires two interlooking 
parts, a key on the disk (such as one of the keys discussed 
above), and a piece of program code that checks to see if the key 
is on the disk. Once the key is recorded on the disk, the program 
must check for it. The simplest form of this code is: 


read disk-key 
if (key-not-present) then 

tell user this is not original copy and bomb 
continue on with program 

This code can be inserted almost anywhere in the program. It 
goes without saying that the closer to the beginning of the 
program that the code resides (with respect to execution), the 
easier it is for a pirate to find. Once the pirate finds this 
check, he can remove it by "patching" the program so that it 
never find the "if” clause true. This way, the program always 
thinks it's on an original disk. 

A simple change to the code above makes the protection muoh 
more effective. If the program can't find the key, it shouldn't 
bomb right away. It’s much more frustrating to make the program 
bomb later at an unrelated funotion, or perhaps juBt partially 
die. If the program is a game, the players could be made weaker 
than normal (so they die sooner), or their weapons oould 
frequently fail. A word processor oould do everything but save a 
document. If the SAVE command simply erases the document and 
formats the disk, the pirate will be very frustrated. 

A word of warning: any technique which formats or erases a 
disk can backfire. An honest purchaser should not have to suffer 
with a disk that functions erratically. Needless to say, a 
customer who has spent a lot of money for a program will be very 
unhappy if his original, purchased disk decides to format itself, 
erasing hours of work. 

If a pirate breaks the program by removing the disk key check, 
he won’t need to copy the disk key. It’s like using a lot of 
locks on the door, and leaving the keys under the doormat. 
Removing the protection check allows a pirate to copy a program 
with virtually any protection scheme. This kind of piracy is 
considered practically impossible to stop. It’s also the most 
damaging to sales, because an unprotected program is easy to oopy 
and distribute. Fortunately for software producers, breaking tho 
code by hand is the most difficult and time consuming oopy 
technique. 
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But stopping an experienced and determined software pirate who 
can break programs by hand is extremely difficult. The software 
nuthor must be very clever. Using the key value throughout tho 
program can make the pirate’s task much harder. 


Self Modifying Code 

To break the protection by hand, the pirate must first locate 
the protection code. This code usually consists of some sort of 
a disk read, followed by a check of the status or contents of the 
sector. If this code isn’t on the disk, it’s hard for the pirate 
to find and remove it. 

How can a program do a protection check if it doesn’t have the 
code that tells it to do this? The program can make that code out 
of other data. This usually involves modifying data areas or 
other sections of the program to create the protection check 
instructions. This is easy to do when the program is running. The 
computer doesn’t know if the instructions were loaded from disk 
or made by other sections of the program. Of course, this 
technique is generally available only in assembler language, or 
from languages that can call an assembler subroutine. 

As an example, suppose that your protection key is on Bector 
2, track 79, side 1. To look for the key, you need to issue a 
XBIOS read for that sector. The code in file SELFMOD.C (or 
SELFMOD.LST) on the Protection Techniques disk constructs a 
subroutine which calls the XBIOS handler and do the read for you. 
The routine itself doesn’t issue the call, instead it buildB an 
assembler subroutine in a data array. It creates bit patterns 
that the computer Bees as instructions. These instructions do the 
actual call to XBIOS. The software pirate will not find the 
instructions in the file on the disk. Even the TRAP assembler 
instruction isn’t in the data on the disk, it’s created by the 
addition of two constants. This makes it very hard for the pirate 
to find and remove the actual read command. 

Another method is to scramble the program itself, usually by 
encrypting it. The encrypted program is loaded by a special 
loader program. This loader unscrambles the program as it loads. 
If a pirate tries to take apart or study the program on the disk, 
all he will see is garbage. Only the special loader can decipher 
the encrypted program. 
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An even trickier method is to combine separate areas of memory 
or disk sectors. This method takes two separate seta of 
meaningless numbers, and combines them to create the program 
instructions. This combination can be done by ORing, ANDing, 
Exclusive ORing, etc. (these terms refer to assembler language 
instructions). For example, two sectors on a disk contain what 
appears to be meaningless data. The program reads them into 
memory, then Exclusive ORs them together. This creates a whole 
sector of instructions at one time. The programmer must setup the 
data sectors very carefully, so they’ll create the proper 
instructions when they are combined. 

It may seem like these techniques could stop anyone from 
deciphering and removing the protection from a program. Don’t 
underestimate the skill and determination of advanced software 
pirates. Discouraging true dieharda requires additional measures 
designed especially to wear down and antagonise your pirate 
adversary. 


Layering Your Protection 

This technique is similar to the methods used to keep 
prisoners in jail. The bars on the cell represent only the first 
layer of protection. The would-be escaper must also get past the 
guards, out of the building, and finally, past the main wall. 
Software protection can use a similar form of layering. 

After the pirate breathes a sigh of relief, convinced he has 
finally found and disabled the protection, he may be very 
discouraged to find that the program Btill won’t run. Now the 
pirate must deal with layer two of protection. 

A good way to layer your protection is with "checksums". For 
example, you could add up the memory locations which hold the 
protection instructions, and store the sum in your program (be 
careful of the addresses embedded in the instructions!). When the 
program runs, it adds the values in those locations, and compares 
the total to the sum stored in the program. If the pirate changes 
the protection instructions, the numbers will not match. The 
program knows it has been changed, and could bomb or try to 
reformat the disk. As you can see, this method prevents someone 
from changing your protection code. Of course, the pirate could 
alter the stored sum to reflect his changes, but this still adds 
a whole new layer of protection for him to disable. 


46 



,‘lt Pl ot notion Techniques 


l> 1 *k Pl ot not t on 


Analyzing and Breaking Protection 


Pirates have three main methods of breaking disk protection. 
The first is to duplicate the key. A pirate might copy the 
documentation so he can supply a program with the appropriate 
password, or try to re-create an unusual disk format. The second 
is to modify the program so it doesn’t look for the key, or so it 
thinks it has already found the key. This technique is difficult, 
and only the best programmers can do it. The third is to let the 
program run until it has checked the protection, then save a 
image of the program as an unprotected file. 


Duplicating the Disk Key 

In order to duplicate the disk key, the pirate must be able to 
read it, identify it, understand it, and re-create it on the 
copy. With the advances in constructing "bad" sectors and non¬ 
standard disk formats, this is becoming harder and harder. 

Certain companies devote most of their efforts to conquering 
this challenge, and produce programs and/or hardware to copy most 
any disk format. Two examples are the Procopy program and the 
Discovery Cartridge (see The Tools). Products like these do most 
of the work for the pirate and are easy to use. Even a beginner 
with no programming knowledge can use them to successfully copy 
programs. Naturally, using commercial copy tools is the most 
popular pirate technique. 


Modifying the Program 

Pirates like to modify programs so that the program always 
thinks the disk key check was successful. Since the key is no 
longer required, the result is a completely unprotected copy. A 
pirate does this by translating part (or all) of the program from 
machine language back into assembler language. This is called 
disassembling. After the program is converted back into assembler 
language, the pirate studies it to find the usual instruction 
patterns that check for protection. When an ST program cheoks 
protection, it usually issues a TRAP instruction, checks the 
return code from the TRAP, and then may check some data. Once the 
pirate finds the protection check, he patches the program to 
remove it. The program thinks the disk has passed the check, and 
continues to run. 

For simple protection checks, this works fine. However, If the 
program uses the key value for other things, a simple patoh will 
fail. The pirate will have to study the entire program to mako 
Ills changes work. 
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Capturing the Program while Running 

If a program checks the protection key only once, a pirate can 
easily get an unprotected copy by capturing an image of the 
program just after it has checked the key. This image can be 
reloaded and restarted over and over again, without the original 
disk. This totally unprotected image is usually saved as a file, 
which makes it easy to copy and distribute far and wide. 

To capture a program, a pirate must first run another program 
that stays in memory and in control. This type of program is 
called Terminate and Stay Resident (TSR). All desk accessories 
are TSR programs. Some programs that run from the \AUTO\ folder 
are also TSR programs. TSR programs get control from GBM itself 
(like desk accessories), or they steal one or more of the 
operating system interrupt vectors. If they steal a vector, they 
will gain control whenever that interrupt occurs. This is why 
boot programs must be careful to initialize all the vectors. If 
an \AUTO\ program is run before the main program, it could steal 
certain vectors, allowing it to regain oontrol later. This is the 
basic technique used by products like Switoh/Back and Juggler . 

An image file contains only the parts of the program that were 
in the computer when it was captured. If a program doesn't load 
completely, the captured image will not be complete. If the 
program needs to read the disk again, the captured image will 
also need to read the disk. Therefore, this method is not 
effective for programs that are too large to fit into memory, or 
that check for the disk key at several different times. 


Conclusion 


Disk based protection is the most common software protection 
technique. In this protection method, the program checks the disk 
for a special "key". Most of these protection techniques use a 
unique or unusual disk format. However, even the most creative 
formats can be copied by back-up programs such as the Discovery 
Cartridge and ProCopy. Self-modifying code, hiding protection 
code, and layering protection can slow down a pirate trying to 
break a program by hand. Clever pirates may try to capture an 
image of a program after it has checked the protection. 
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Introduction 

Software pirates are as varied as their motivations for 
copying programs. A copy protection scheme that stops one pirate 
dead in his tracks may not faze another. In certain applications! 
the need for a back-up copy is so crucial that disk key copy 
protection would make a program unmarketable. These programs 
require another type of software protection. This chapter 
discusses different kinds of protection techniques, each with 
it ’b own advantages. They don't fall into any particular 
category, instead they oovor a wide range of approaches to the 
piraoy problem. 


BaiuBnorTpUan 

Data encryption is the prooess of scrambling a file so that 
it oannot be easily read or ohanged. It oan also be used to 
password proteot a file, so that the file oannot be acoessed, 
run, or ohanged without the proper password. Data encryption 
methods vary in complexity from a simple transform table to the 
oomplioated algorithms used to encode financial transactions. 

One of the simplest data encryption methods is to Bxclusive- 
Or each byte in a file by a key byte, then use the same key later 
to decode the file. An Exclusive-Or is a computer operation (the 
Assembly language instruction is XOR) whioh compares numbers one 
bit at a time. If one and only one of the two bits being compared 
is a one, the result is a one. If both bits being compared are 
the same (two zeroes or two ones), the result is a zero. This 
method is widely used because the encryption data is easily 
decoded by Exclusive-Oring it again with the same key. In other 
words, you can encrypt and decrypt data using the same process 
and the same key. See the example below. 


0110001011100 Original Binary Number 

0101010101010 A Simple Key 


0011011110110 The XORed Result (Encrypted Data) 


0011011110110 XORing the result with the same key 

0101010101010 (Decrypting) takes you back to the 

original number. 


0110001011100 
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Data encryption is sometimes used in programs to make them 
virtually impossible to change. This helps to hide protection 
code, and to prevent pirates from changing things like the 
author'8 name and copyright information. 

Encryption can be used on data files to keep the data 
private, or to limit its use to your own program. Strip Poker for 
the Atari uses this simple data encryption method to protect the 
picture files from use by others. Many companies use encryption 
as a form of software protection. 

At the other end of the spectrum is a process called the Data 
Encryption Standard (DES). DES is the most widely used encryption 
scheme for sensitive information such as automatic teller maohino 
transactions. Banks are currently using DES to encode financial 
transfers totaling 2 trillion dollars each day. DES is also used 
in systems such as VideoCypher, which scrambles satellite 
transmissions for companies like HBO and Cinemax. The DBS 
algorithm, developed in the 1970’s by IBM, is on the State 
Department’s list of of sensitive technologies, and therefore 
cannot be used on equipment outside the U.S. and Canada. 

DES works by breaking up the data into blockB of 64 bits eaoh. 
First, the left and the right 32 bit halves are swapped, then the 
left half is encrypted with a 56 bit key. This complex logio 
operation generates another 32 bit packet, which is XORed with 
the right half 32 bit packet. This new 32 bit number iB used to 
replaced the right half of the original 64 bit package, then the 
entire process is repeated another 15 tines to yield the result. 

Although it sounds time consuming, special chips can perform 
the calculations almost instantly. Sometimes data is further 
encrypted, producing a layered effect, with one technique 
encrypting the result of the previous key. This daisy chain of 
encrypted keys is extremely secure, and is finding more and more 
uses as the need for privacy increases - 

Many other encryption methods are gaining favor for speoial 
applications. One such method, the Public/Private key, can be 
used to secure messages without telling the recipient your 
encoding key. By using the sum of large prime numbers, you oan 
encode a message so that only the proper recipient can decode it, 
and still keep both your keys private. This method is popular for 
private E-Mail systems. 

While high powered computers can usually crack these schemes 
if given enough time, these methods are secure enough for almost 
any use. 
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The PROTECTOR program, on the software diBk included with thin 
package, encrypts your programs using an encryption password of 
your choice. Encrypting your files stops disassemblers, and liolps 
keep title screens intact. The decrypter option decrypts filea, 
if you enter the same password that was used to encrypt the filo. 
If a pirate enters the wrong password, the file will be further 
oncrypted. 


Site Licensing 

Companies with large computer installations need many copies 
of the same program. When a large number of people are using a 
program, some copies are bound to be accidentally damaged or 
misplaced, making back up copies essential. Copies may also be 
required at remote sites. It’s difficult for a company to foresee 
exactly how many copies of a program it will need, and additional 
oopiea may be needed quickly. 

Although companies who purchase software in large quantities 
often get substantial discounts, pirated copies are always 
cheaper. A manager may want everyone to have a copy, but it may 
be beyond his department’s budget to buy them. In spite of the 
fact that companies who participate in piracy may face stiff 
fines, a manager in such a position may very well make sb many 
copies as he needs anyway. 

Virtually all companies have official policies forbidding 
illegal reproduction of copyrighted software, but how well these 
policies are enforced varies from place to place. Additionally, 
many employees may not know what is and what isn’t legal. 

Consequently, it’s nearly impossible for firms with large 
computer installations to completely prevent piracy. Software 
publishers understand this, but they would like to make as much 
money as possible on each sale. So, some software publishers sell 
companies the right to make a certain number of baok up oopies, 
for that company’s use only. In these arrangements, the company 
buys the right to make extra back ups, but not the right to 
reproduce them for resale or employee’s personal use. This kind 
of contraot is classified as a licensing agreement rather than a 
purchase (see Software Licensing in Chapter 9, The Law). It’s 
called site licensing because the right to reproduce the software 
is usually restricted to one place, the company’s location, or 
site, and to copies for official use. 

The actual terms of a site licensing contraot are worked out 
individually between publisher and buyer. Each publisher offors 
its own site licensing contracts. A publisher will offer the same 
deal to every company, but is usually willing to change speoific 
details to make a sale. 
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Microsoft Corp. offers a plan that doesn’t permit back up*, 
but gives companies with offenders an easy way out. In this plan, 
large quantity purchasers receive a discount if the corporation 
exercises "due diligence in discouraging" illicit copies. If 
unauthorized copies are found, the company’s liability i* 
restricted to the suggested retail price of the software (instead 
of the usual liability of $50,000 per illegal copy). 

Lotus Development Corp. and Exxon Corp. have worked out a 
unique agreement. Exxon has a version of 1-2-3 running on a 
mainframe. When a microcomputer user needs the program, he 
downloads it. The mainframe counts the number of downloads, and 
Lotus bills Exxon accordingly. 

Site licensing offers advantages to both software publisher and 
software buyer. A user employed at a firm with a site licensing 
agreement may still be able to remove a copy and give it to his 
friends, but an arrangement such as this goes a long way toward 
stopping piracy. The software publisher is still compensated for 
the extra copies, and the company is relieved of the burden of 
potentially huge fines and lawsuits. As these contracts become 
more common, and publishers and users become more comfortable 
with them, their popularity will continue to grow. Better 
techniques of keeping track of, and paying for, copies will be 
developed. In the future, even fairly small computer bases such 
as small businesses, schools, and-libraries will routinely set up 
site licensing agreements. 


Hardware Data Keys 

As its name implies, a hardware data key (sometimes called a 
Program Security Key (PSK) or Dongle) is a hardware devioe. It 
plugs into the joystick or any other port, and is "read" by the 
program, much like a joystick. Its purpose is to protect the 
program from being copied by software pirates. As an added 
function, a hardware data key could be used by a purchaser to 
protect his files from others. For example, if a data base 
program is protected by a hardware data key, the data could not 
be accessed, erased, or altered by anyone without the key. 

Hardware data keys have the potential to be one of the 
safest and best protection techniques. The purchaser can make as 
many back up copies of the software as he likes, but without the 
key, copies are worthless. This means that hardware data keys 
theoretically solve one of the biggest problems with software 
protection. They prevent copies from working for pirates, yet 
allow the purchaser to have functional back ups. 

Like any other protection method, hardware data keys have 
drawbacks. It’s inconvenient to locate and insert a key each timo 
the program is run. If a user has many programs, each requiring 
its own key, it quickly becomes very frustrating and time 
consuming to remove and insert keys each time a different program 
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In loaded. Standards for hardware keys and "key chains" have liimn 
proposed, though none have been accepted (discussed iator in this 
chapter). Protection methods using the simplest hardwaro key* can 
bo fairly easy to circumvent. A key can be accidentally 
misplaced, stolen, damaged, or destroyed, leaving the legitimate 
user with no way to run his programs. 


How Data Keys Protect Programs 

The simplest hardware data keys pass a value to the program. 
If the correct value is passed, the program assumes the correct 
key is present, and runs properly. If the value is wrong, it may 
mean an incorrect or counterfeit key is present, or may mean no 
key is present at all. In this case, the program could partially 
disable itself, or crash completely. 

More complex data keys can pause for a specific length of 
time before returning the value, pass several different values in 
sequence, or even include a microchip to perform specialized 
functions. The technique of passing several values back and forth 
between a hardware key and a program is called handshaking. 

A program could use a specialized chip inside a hardware key 
for many things. For example, a key containing ROM ohips gives 
quick access to data, or a key containing a microprocessor can 
perform some of the program's functions. Although these keys do 
make a program hard to copy, their main purpose is to make the 
program faster or better. This chapter discusses hardware keys 
designed mainly for copy protection. 


Copying Data Key Protected Software 

A single, simple data key is like a lock with over one 
million possible combinations. It may take years for a pirate to 
stumble across the correct combination using a trial and error 
method. This has lead many people to believe that data keys are 
an ideal solution to prevent piracy. However, the pirate has 
easier ways of finding the proper combination, and he also has 
ways to circumvent the key completely. 

An easy way to discover the combination in a simple data key 
is to run a BASIC program with the key plugged in. The program 
reads the port, and displays the values on the screen. Onoe the 
pirate has the combination, he can build his own key, or modify a 
Joystick or other controller to pass the proper values. A pirate 
could build a single key with several switches. Whenever he runs 
a data key protected program, he simply sets the switches to pass 
the proper values for that program. 


53 



!IT Protection Techinques 


Other Method* 


A pirate may try to capture an image of the program sa it 
runs. If he is able to capture the program after it has cheokod 
for the key, the result is an unprotected copy. The capturod 
image may be saved as an easily copied file, and would not 
require the data key to run. 

A data key will not stop a talented pirate from attempting to 
break the program by hand. He could try to find and remove the 
portions of the program that check for the data key, or modify 
the program so that it always has the proper key values. If he is 
successful, the result is a completely unprotected copy of the 
program. 


Preventing Data Key Copy Techniques 

A pirate can easily decide most simple data keys, but he must 
still recreate the key or change the program to bypass the 
protection. Checking for 'the key periodically throughout the 
program, (for example, when files are saved or loaded) will 
prevent a captured image file from working properly without the 
key. Carefully hiding the protection code can slow down a pirate 
trying to remove the protection checks. 

More complex and sophisticated keys are harder to reproduce. 
Dedicated pirates with a good'understanding of hardware may try 
to use reverse engineering to stpdy^s key. But fortunately, most 
pirates lack the necessary knowledge and skill to do this. To be 
successful, the pirate must disassemble the key without damaging 
it, learn what it does by studying.it, and create a copy of it 
from scratch. It may cost him more to build a copy of the key 
than to buy a copy of the program! But software publishers must 
keep in mind that these keys add to the cost of producing the 
program, and that extra cost is ultimately passed along to the 
consumer. 


The ADAPSO Proposal 

The advantages and disadvantages of using hardware data keys 
has prompted some very serious discussions about developing 
standards for them. A set of standards would provide software 
publishers with a high level of protection, and make life easier 
for users with many keys for many programs. 

In 1985, the Association of Data Processing Service 
Organizations published a "Proposal for Software Authorization 
Systems Standards", describing a standard for hardware data keys 
and "key chains" or "key rings". It was a three part system using 
a software lock, hardware key, and key ring. The software lock 
prevents the program from running without the hardware key. The 
key ring plugs into the computer, and holds data keys for many 
programs. These standards were never adopted. 
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Current Activities 

Some companies are using their own hardware data key plans. 
Most familiar to Atari users is Touch-Up program from Mi-Graph, 
The Touch-Up disk has no protection, so the program is easy to 
back up or install on a hard disk. The software periodically 
checks to see if the hardware key is plugged in. The key itself 
is about 1" long, and plugs into the printer port. This key is an 
"active" key, and contains a non-replaceable lithium battery. 

A more complex hardware key has been built by Dallas 
Semiconductor. Their device, called the "Electric Key", uses four 
levels of copy protection, and is powered by a small lithium 
battery. The key prevents tampering by using an electronic seal 
which destroys the datu If the key is opened. 

Although all tho activities and ddvolopmonts in hardware data 
knys makos their future appear brighter, the oost, complexity, 
and inconvenience of hardwaro data keys will still prevent their 
widespread use in the long run. 


MlgoaLiinogu i HoUiodn 

Borne protection technique'snot easy to classify. These 
mothods are important, and grpw'i'ng in popularity. This section 
will discuss a few of the jmdBt^dommor^ of these methods. 


Random Access Codes k Passwords ' 

Some programs prompt users to enter selected passwords from 
the documentation before they will run. Each time the program 
runs it requires the user to enter one of as many as 18 different 
passwords before it will proceed. Although this method is 
inconvenient, legitimate users can look up the necessary password 
with little trouble. Pirates, on the other hand, often get only 
incomplete documentation, if any. Programs traded over a modem 
are especially likely to be lacking documentation. 

Infocom has incorporated this technique into several of their 
adventure games. One example is Spell Breaker. After playing 
about halfway through the game, the player reaches a door. The 
door says it need an answer to a question, and the answer is in 
your guidebook. There are 6 different questions, and they change 
each time the game is played. The documentation is made to appear 
trivial, so most pirates don't bother to make a copy. Needless to 
say, a pirate lacking documentation who has taken the time to 
play that far will be upset. After hitting that door, many 
pirates have broken down and bought a legitimate copy so they 
could finish the game. 
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Partially Functioning Copies (Bait k Hook) 

A similar concept, equally annoying for pirates, is UBod in 
Alternate Reality. In this modified form of disk copy protection, 
the copies seem to run normally at first, and the game seems to 
play so pirates think their copies are functional. Later, to 
their dismay, they learn their player is always sickly, and die* 
soon after he begins playing. The idea is to give the pirates 
enough of a taste of the program to make them want to buy it. 

Partially functioning or crippled versions are ideal for 
samples and demos. For example, a partially functioning version 
of a word processor program could appear to be exactly like the 
main version, but certain key functions would not work. 

Limited use or self-destructing programs are based on a 
similar concept. The idea is to give the potential purchaser an 
opportunity to use the program, . in the hope that he will be 
"hooked". However, the initial oopy will run only a certain 
number of times. The customer must buy a copy if he wishes to 
continue to use the program (see Logic Bombs, Program Worms, and 
Viruses). 


Elaborate Documentation 

Another concept from Infocom is fancy documentation. Some 
players enjoy the documentation enough to go out and buy a copy 
of the game, even though they may have a pirate copy at home. One 
of their newest games, "Leather Goddesses of Phobos”, includes a 
beautifully done R rated color booklet, complete with 3-D glasses 
and a scratch-and-sniff page. Piratee will have a hard time 
trying to copy that. Infocom has raised theif documentation to a 
new form of status symbol that is sure to put a dent in piracy. 


Support 

Another way to differentiate a pirate copy from an original 
is with support. Surprisingly, pirates with bootleg copies are 
often bold enough to call the publisher with questions. Some 
pirates are even brave (or foolish) enough to admit they have a 
copy, or ask how to remove copy protection! 

Many companies have a policy where no questions will be 
answered at all unless the user is a registered purchaser. For a 
business or productivity program, support can be vital. 

A company that is responsive to customers helps to discourage 
piracy by generating the good will that goes with a well 
supported product. Let’s hope that the trend toward good support 
continues. 
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Heriul Numbers and Codes 

Serial numbers can be a useful tool in fighting piraoy. 
Putting a unique serial number on each copy won't stop Bomeone 
from copying the program, but if bootleg copies are discovered, 
the source is easily traced. Serial or code numbers are also 
helpful in screening support calls. A single code letter in the 
bottom corner of one page of the documentation or on the disk 
label can help technical support personnel identify a particular 
version of a program (and any known quirks or bugs), as well as 
separate legitimate users from pirates without documentation or 
an original disk label. 


Updates k Revisions 

Releasing new versions of a program is not exactly a 
protection method, but it can discourage piracy. Pirate users may 
buy a legitimate -copy of a program to get an updated version with 
new features, or a' revision with bug fixes. Offering registered 
users new versions Vf? a discounted price entices users to buy the 
program instead of copying it, and encourages good will for 
established customers. 


Conclusions 


Disk copy protection‘ "is not the only copy protection 
technique. A different technique with a different approaoh, alone 
or with a modified form : -of disk *jopy protection, may be the best 
solution. Software! n ’ :) tf?ubli8herB who substitute disk files for 
printed documentation may save a few dollars in production oosts, 
but lose thousands? 'from piracy (and cause many headaches for 
users without printers!). -- ’ 

Software companies will continue to try to make legitimate 
copies of their software more desirable than pirated copies. If 
that trend continues, the piracy problem may begin to disappear. 
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Chapter 7 
On-Line Protection 


Introduction 


Protecting on-line systems from misuse is one of the most 
critical and talked about fields in the computer world today. 
While protecting a program from piracy may seem important, on¬ 
line protection can have global significance. Today, computers 
guide everything from automated traffic control systems to 
satellite control systems, and even our national defense network. 
The American Bar Association placed the losses to business from 
on-line security breaohes between 145 and 730 million. Press 
reports on hackers and movies such as War Games and Superman III 
have brought the problems of on-line protection to the forefront. 
Much was said earlier in this book about who hackers are and how 
they operate. This seotion will show you what can be done to help 
stop on-line security violations, whether you wish to protect a 
national defense network or your personal bulletin board system. 

A recent survey of data processing managers showed that 35% of 
the installations had suffered security breaches involving 
unauthorized use of the system. Of those who had problems, 
though, only 8% of all security breaches and only 6% of actual 
computer crimes were committed by outsiders. All the rest were 
due to employees. Also, of the employees, only 30% were workers 
in the computer department. So it seems that the majority of 
computer crimes are committed by employees Bpread throughout the 
company, as opposed to outside hackers or computer wizards 
working within the company. 


Gaining Access 


Back Doors 


One of the most common methods used to gain access to on-line 
systems is through back doors. Back doors are special accounts 
sot up by computer manufacturers, repair people, and system 
programmers to allow them special access to the system. These 
accounts almost never appear on the company’s list of valid 
accounts, and usually only the people who set them up know about 
thorn. A Seattle area hacker recently showed just how powerful a 
back door oan be. 
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An 18 year old computer wiz, Michael Princeton Wilkernon, 
hacked into several major computer installations. He changed data 
and even set up a code bomb that could have destroyed the whole 
system (see Bombs, Worms, and Viruses). He did it using one of 
the most widely exploited back door attacks; the special servloo 
accounts and default passwords set up on all VAX computers when 
they are installed. The accounts (SYSTEST and FIELD) are supposed 
to be used by field engineers and service people during 
installation, but then should be changed. These standard accounts 
have been listed in hacker bulletin boards and hacker newsletters 
like 2600 Magazine (see Hacking), and even the National Bureau of 
Standards issued a warning about them back in 1984. It was these 
same passwords that the famous "414 Gang" had used to penetrate 
Lawrence Livermore National Labs several years ago. But as 
Michael proved, many companies haven’t bothered to change them. 
These back door accounts worked in almost every installation he 
tried. 

There are many other examples of back doors, including one on 
many popular Atari bulletin boards. Most versions of the popular 
"Forum” bulletin board system for Atari computers have a baok 
door. The back door was probably placed there by the original 
author, Matt Singer, to watoh for people who might misuse his 
program. It allows a caller who logs on as "Matt Singer" to issue 
special system commands that let him act as a remote sysop, 
reading, deleting, or even changing system files at will. 
Although this particular back door has been found and removed 
from some versions, many people who have modified or improved the 
system have added their own. 

The widespread use of back doors undermines any seriouB 
attempt at on-line security. 


PaBBwords 


Almost all secured systems require passwords. Most systems 
allows the user to set up and change his password as desired, and 
that is a big part of the problem. Even at large security 
conscious corporations, many faulty practices occur. Passwords 
that are one character in length (obviously simple to crack) are 
used. Whole groups of users sometimes share a common password. 
Passwords may be posted by the terminal or scribbled on the desk 
in case people forget. Another practice is to choose a password 
and never change it. All of these actions stand in the way of 
good security and are easy to prevent. 

Users should be forced to enter a unique password (not used by 
anyone else) of 5 characters or more, then forced to change it 
once a month. The new password should be compared against prior 
passwords to be sure the user doesn't just change it baok (a 
common practice), or switch back and forth between two. Finally, 
users should be educated not to poBt or give out their password. 
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I’booy Log On Trick 

The phony log on trick is a method some hackers use to trick 
others into giving up their passwords. One noted case occurred on 
Co»p-U-Serve. The message "-SYSTEM COMM ERROR- Please Logon" was 
sent to unsuspecting users on the CB simulator. When they 
responded, they were prompted to enter their IDs and passwords 
which the perpetrator later used to access Comp-U-Serve and enter 
their accounts. 

A more common practice is for a hacker, after breaking into a 
new system, to insert a special program in the log-on sequence 
(called The LOGPROC). The program makes it appear to the users as 
though they didn’t get on, and prompts them to re-enter the ID 
and password. These IDs and passwords are stored in a file for 
the hacker who, upon returning to the system, may have built up 
hundreds of accounts. One method to prevent this trick from 
working is described below. 


Automatic Call Back 


This relatively new system has been used successfully to 
thwart outside hackers at many companies. When the user calls the 
system and gives his ID, the Bystem immediately hangs up and 
calls the user back on the number stored for that ID. Only then 
does it prompt the user for his password and allow him to log on. 
This makes it almost impossible for a would be hacker to get on 
the system. He not only needs the ID and password, but he must be 
at the registered users phone number upon call back as well. This 
is one strong way to be sure the user is who he says he is. 


New High Tech Solutions 

A number of new methods to prevent unauthorized access have 
reoently been implemented. They include terminals that require 
special magnetically coded cards, terminals that can read the 
vein pattern in the eye, and even one that can check the users 
finger prints. These gadgets may be good for protecting the 
national defense, but they are usually too expensive and 
oumbersome to be put in all terminals. 

One solution that can be used on any terminal is oalled the 
Smart Card. This is a computerized clock the size and shape of a 
credit card. It displays a different code every 60 seconds, based 
on a formula using the time and the user’s ID number. The 
computer asks for that number when the user logs on, and verifies 
It by applying the same formula. This password that changes every 
(10 Hooonds almost guarantees that the user has the card. In 
another Smart Card variation, the user is given a card that looks 
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like a calculator. When he logs on, he is given a number to type 
in on his card. The card calculates and displays a response 
number which the user types into the terminal for access. Those 
and other new high tech methods may go a long way to help prevent 
the hacker problem. 


Misusing the System/Protecting Your System 

This section discusses some of the ways hackers may misuse a 
system and some additional things that may prevent them. This 
information can be UBed by everyone from a small bulletin board 
sysop all the way up to the manager of a large data center. 


The HHI .P finmm and/User Friendly Systems 

Obviously, most people want to create an easy to use system 
that offers a user help whenever it is needed. Unfortunately, 
crackers can use and misuse this information to learn your 
system. Almost all systems have a HELP command that gives at 
leaBt some information about using the system. A system operator 
must strike a balance between an easy to use system and a 
difficult to crack system. Obviously, a system that requires no 
password, ID, etc., is easier to log onto, but is also much less 
secure. 

The trick to writing good HELP screens is to instruct users 
how to do passive acts, such as reading files, but not reveal 
information on topics like deleting fileB or formatting drives. 
You could assume that anyone who is sophisticated enough to 
properly use those commands would not need the simple HELP 
supplied on the menu. Whether this assumption is right or not, it 
can prevent Borne problems. 


Access Levels 


An access level on a system determines which commands, 
activities, and files a specific user is allowed to access. 
Limiting users to only the functions that they are supposed to 
use helps to secure a system in two ways. First, it prevents a 
legitimate user from accidentally doing things he shouldn’t, and 
second, it can help keep a hacker from gaining complete system 
access. 

Access levels should be set up so that each user can do only 
what he needs to do. Frequently, a level may specify that a usor 
has read-only access to all files except the ones he creatos 
himself. He can be further restricted to be able to read only 
certain files and use only certain commands. 
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()«<;ur i ty P ackages 

Several commercial packages have been available for years to 
help protect mainframe systems (such as RACF from IBM, and Top 
Secrets from CGA Computer), but small sysops usually had only 
what was provided with their BBS system, or whatever they could 
do on their own. This situation is now changing. With micro 
computer use growing stronger in the business community, several 
packages have been released for the IBM PC to protect data. 
Systems such as Mailsafe from RSA Data Security Inc. and Pro-Tek 
from First Byte allow users to protect their files by using data 
encryption, passwords, or special formats. Atari users can use 
the programs in the disk included with this package to do some of 
those same functions. 


Data Proteotion/Control Codes. 

Backups■ Ktc■ 

No matter how secure you feel your system may be, there are 
certain precautions that should always be taken. Below are a few 
which should be considered. 

1. Always write protect your system disk to prevent 
accidental or intentional destruction or modification of 
your password files, access levels, etc. Any new information 
or changes should be added by the sysop after it has been 
reviewed. 

2. A BBS program should watch for control codes that are 
sent to devices. For example, a popular way to crash some 
Forum boards is to leave a message for the sysop (which 
prints on the printer), containing control codes to de¬ 
select the printer. Some modems also allow themselves to be 
controlled from a remote system, but this feature can 
usually be turned off. 

3. Always have back up copies of all data accessible on¬ 
line. This not only can save you from a hacker, but is 
necessary insurance in case a disk failB on its own. 


Stopping Insiders 


As stated in the opening of this section, most damage is done 
not by outside hackers, but by insiders who know the ropes of the 
system. Even the best security measures become ineffective 
ugninst the insider because he may know the security well enough 
to circumvent it. The real key to security against inside jobs is 
offnc11vo personnel management. Be sure the people given access 
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are trustworthy. Aside from that obvious step, there are several 
other things that can be done. The August 19, 1985 issue of 
INFORMATION WEEK magazine presented an extensive discussion of 
the subject. Below are some of the major conclusions they 
reached. 


Policies and Procedures 

Split responsibility for the system among several data 
processing staff members so that no one has total access. 

- Change passwords regularly. 

- When an employee leaves the company, eliminate his account 
immediately. 


The Technical Approach 

Implement data encryption on personal computers. ThiB 
helps prevent local compromise of data stored on PCs and 
LANs. 

- Add front-end processors for another layer of security to 
prevent unauthorized access from external sources. 

Maintain an audit trail of information transferred to 
microcomputers. 

- Restrict access to proprietary data by segregating it on a 
separate system. 

- Restrict unauthorized access to personal computers; keep 
PCs out of public areas; add power locks to PCs with hard 
disks. 

Require positive identification of users beyond simply 
names and passwords. Card access or biometric identification 
(fingerprints, handprints, or the like) serve well here. 


The Managerial Approach 

- Establish a data security policy. 

Establish procedures as a part of employees 
responsibilities and a component of employee evaluation. 

- Screen prospective and current employees before granting 
access to computer data. 

- Limit the amount of information to which any one employee 
has access. 
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Viruses, Worms, and Logic Bombs 

The hottest topic in computing today is invasive programs; 
programs that can travel from system to system, and change over 
time by growing, duplicating, or even "exploding", bringing down 
whole networks. These techniques have names like Program Worms, 
Logic Bombs, Program Viruses, and Self Destruction Programs. Each 
is a little bit different, but all oan be very dangerous if 
misused. These programs do have some legitimate uses. They 
include: 


1. Traoking down portions of old oodo in a large program, 
and updating it with a revision. 

2. Performing diagnostio tests on network systems. 

3. Creating a limited use program by foroing the program to 
solf destruot after a set number of runs. 

4. Performing experiments and simulations by having the 
program aot as a primitive life fora. 


Logic Bombs 

A Logic Bomb is a program that normally performs a useful 
funotion, but on a special condition will turn and destroy 
itself, other programs and files, or attempt to bring down the 
whole system, computer center, of network. A logic bomb can be 
triggered by running a certain set of data, running a certain 
number of times, or just hitting a special condition. 

Most software protection techniques include a form of logic 
bomb. A protected program looks for the protection key. If the 
program finds the protection, it runs normally. But if it doesn’t 
find the protection, it triggers the bomb. It nay stop loading, 
lock up the computer, or even attempt to format the disk. 

Logic bombs have been used by disgruntled employees to get 
revenge, and by users as practical jokes. Software companies and 
programmers may use logic bombs to collect money owed, or to 
create limited use programs. 
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Limited Use or Self Destructing Program s 


A limited use program is a program that will run only a 
certain number of times. A self destructing program is a program 
that will destroy itself (and may destroy the disk and any other 
files it can reach as well) when a special condition occurs. 
These techniques are very effective when used together, for 
example, a limited use program that self destructs when the limit 
is reached. 

These techniques are often used by business software 
publishers. They give the potential purchaser a chance to try the 
program before buying it. The idea is that the user will test the 
program, and like it enough to buy it. But if he tries to keep 
the sample without paying, the program will self destruct. 

The limited use, self destruct protection method is 
relatively simple to use. The program updates a counter on the 
disk each time it’s run, and formats itself when the limit is 
reached. Of course, the program must check to be sure that the 
disk is not write protected, as a write protect prevents the 
program from updating the counter or formatting the disk. Writing 
a sector then checking the status is all that’s needed to check 
for write protection. If the status is bad, the program stops and 
displays a message telling the user to remove the write protect 
before running it again. The Protector (on the program disk 
included with this book) lets you apply this protection to your 
programs. 

Unfortunately, there are loopholes in this method. If the user 
can copy the program, he can make a copy while the program still 
has several uses left (before self destruction). He keeps the 
original copy (with several uses left) in a safe place, and uses 
the back up. When the back-up copy nears destruction, he simply 
makes another copy of the original (remember, the original hasn't 
been used, and will still run several times). Now he uses the new 
back up until it nears destruction, then starts over again. 
Another problem with this method is that even a legitimate 
purchaser can inadvertently destroy a non-write protected disk. 


Program Worms 


The name "worm" was first used for a program in a story by 
John Bruner called Shockwave Rider . It told of an oppressive 
government that used a huge network of computers to track and 
control the people. Eventually, a rebel programmer is able to 
defeat the government by letting loose an unstoppable program 
named "Tapeworm” which ends up destroying the network. 
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John Schach and John Hupp, two research programmers at 
Xerox’s Palo Alto Research Center are credited with actually 
creating the first real program worms in the late 1970’s, They 
were studying the possibility of artificial life by creating 
programs that would reproduce themselves on idle computers. The 
"worm" program could migrate to any accessible computer, then 
take over it's resources for itself. They found it effective for 
checking network security, and then they created mutations for 
other functions. 

One program worm called "Existential" could stay alive in the 
network when some machines were turned off, and would display the 
message "I’M A WORM, CATCH MB IF YOU CAN" on the console of 
computers it inhabited. Eventually, a worm accidentally mutated, 
and brought down over 100 computers on the Xerox network. The 
defective worm Jumped quiokly from oomputer to oomputer, crashing 
oaoh ono as it wont. They spoilt hours trying to find and destroy 
worm segments that had gotten into every corner of the research 
oenter. Fortunately, it was stopped before it made its way 
through a gate whioh linked the research oenter with other 
conters all around tho oountry. Later, they developed a special 
breed of worm oalled "Killer" whioh would seek out and destroy 
other worms on the network. 

The most famous worm program was released on unsuspecting 
Apple users a few years ago. Known as "Killer DOS", it would 
spread over bulletin boards and on copies of disks by acting like 
a regular DOS, but actually infecting all the disks and files it 
manipulated. It waited patiently until the time was right, then 
it would strike by formatting disks or scrambling files and 
directories. Eventually a fix to remove the worm was created, but 
only after it had spread through entire communities and destroyed 
a lot of work. 

These examples show how dangerous a worm program can be. 
Although program worms can be used destructively, their unique 
ability to migrate and reproduce makes a "good" worm a very 
useful program. 


Viruses 


Viruses are the newest kind of potentially destructive 
programs. Like real viruses and worm programs, these programs are 
able to reproduce. Viruses spread by attaching themselveB to 
other programs (worse migrate by themselves). As copieB of the 
infected program spread through the user community, so does the 
virus. Worms, which move from computer to computer on their own, 
are sometimes mistakenly called viruses. 
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A virus usually sneaks in unnoticed, hidden inside an infected 
program. It quietly begins to reproduce, attaching copies of 
itself to every program it touches, stealing valuable storage 
space and processor time. Many include a logic bomb, revealing 
themselves when the bomb goes off and crashes the system. Others 
may remain hidden, silently, systematically destroying data. By 
the time the user discovers the damage, his system and back ups 
may be rendered useless. 

Most viruses don’t reveal themselves right away. They wait for 
a special event to activate or "trigger” them. This waiting 
period gives them time to reproduce and spread without detection. 

Almost anything can trigger a virus. Dates and counters are 
two popular triggers. Some viruses are triggered by a "key" from 
a "companion" virus. This kind of virus is actually two separate 
virus programs. The first invades the system and begins to 
prepare for whatever destruction it will cause. It quietly 
reproduces itself, and waits until its companion reaches the 
system. When the second part arrives, the virus program is 
complete, and the destruction begins. Other viruses are triggered 
when a speoial condition oocurs, perhaps when every available 
program appears to be infected. 

A virus may be a kind of Trojan Horse, a dangerous routine 
deliberately planted inside a seemingly harmless program. But 
most viruses are transmitted accidentally. A user saves a "clean" 
program on his infected hard disk, where the virus attaches a 
copy of itself onto the program. When the user copies the program 
back onto a floppy disk, the virus is copied, too. Unaware of the 
tag along virus, he gives the copy to his friend. His friend 
loads the program on his system, the virus promptly copies itself 
into the new system, and another oomputer is infeoted. 

Most viruses are short and specific. Long virus programs are 
easier to spot before they have a chance to do much damage. By 
targetting a specific program or kind of data, these short 
programs can transmit and reproduce much more effectively. 

A virus doesn’t have to actually ruin programs or files to be 
a nuisance. Some viruses "gobble up" a hard disk. Every time they 
run, they steal more space, and quickly fill the hard disk. 
Reformatting frees up the space, but if the hard disk back up 
contains just a single copy of the virus, it’s only a matter of 
time until it appears full again. 

One of the most famous viruses (technically, a worm) planted 
by a New England graduate student, tied up national networks, 
shut out users, and brought thousands of computer systems to halt 
simply by using all the available transmission lines and 
processor time to copy itself. 
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it infected an estimated 250,000 systems across the country, 
including all the VAX systems at Harvard University and MIT, and 
the computer centers at Lawrence Livermore Laboratories, NASA's 
Ames Research Center, and Berkely Laboratories. It clogged 
Internet, the national computer networks which links federal 
agencies, universities, research laboratories, and firms working 
on government projects. At the Berkely center two Sun systems, 
one of which was running a particle accelerator, where shut down 
for several hours. When the virus was purged and the computers 
were brought back up, one was re-infected within 30 seconds. 

The perpetrator, Robert Morris, claimed the infection was 
simply an experiment that got out of control, but many experts 
don’t believe it was an accident. The program, which was 
approximately 50,000 lines of code, had a sophisticated attack 
technique. It entered through a "hole" or back door (used for 
debugging) in a popular electronic mail program. Once inside, it 
shut off security, took over the system for itself, and began to 
search for new systems to infect. 


A successful virus must be able to hide itself completely, yet 
easily access any disk that’s inserted into the computer. On the 
ST, a safe, easy place to hide is the boot sector. It won’t show 
up on any directory, and it will automatically load itself 
whenever the infected disk is loaded. ThiB kind of virus is 
restricted to non-auto loading disks, such as publio domain or 
data disks. Commercial programs are not necessarily immune, non¬ 
auto loading commercial programs can be attaoked. If this virus 
invades the boot sector of an auto-loading disk, the disk is 
immediately destroyed. The virus wipes out the boot sector code, 
and the program will not load again. 

Fortunately, ST viruses aren’t a serious problem in the U.S. 
(yet!). Most ST virus programs originated in Europe, and the 
problem is much worse there. Viruses are often blamed for damage 
oaused by other problems. 


A virus can wipe out data and programs (and the losses can be 
devastating), but cannot physically damage computer hardware. A 
clover virus can make it appear as though there is physical 
damage. For example, a virus cannot "crash" a disk drive head 
into a disk, but can install it's own drive handler that refuses 
to read or write. If back up copies or other programs are 
infected as well, turning the computer off and re-loading 
produoes the same results. The drive appears broken, but isn’t 
notunlly damaged. However, smoke particles inside a drive, 
dropping a drive, or jarring a drive while it’s busy can break 
It. If there*8 actual physical damage, it’s probably due to 
ordinary failure or human error, not a virus infection. 
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One virus that uses this technique is known as the Rush Hour 
Virus. After an infected computer has been turned on for a while, 
the virus "turns off" the keyboard. Each keypress produces 
nothing but a noise through the speaker. The keyboard appears 
broken, but the real problem is the virus. 


Protection Viruses 

Worms and viruses have been used as a kind of software 
protection technique in one documented case involving Brian 
Computer Services in Pakistan (see New Trends in Software Law). 
The virus was not used simply to prevent a single back-up copy 
from working. Instead, it was used as a kind of "computer 
terrorist" weapon. Hidden inside each copy, it waited until the 
proper moment. Then it struck, destroying valuable data, as well 
as the copy itself. Ironically, the virus was not added to the 
program by the publisher, but by a pirate profiteer! 

Rumors abound of US publishers using viruses and worms in the 
same way. Some tell of a virus that’s activated when the 
protection check fails. The copy appears to work fine. The pirate 
thinks he was successful, and shares his copy with others. But 
when the virus is ready, it strikes - crashing systems and 
leaving no clues behind it. Other rumors tell of pirates 
accidentally (or deliberately) adding viruses to broken versions 
of protected programs. 

Surprisingly, software publishers and programmers have 
actually encouraged these rumours in an attempt to frighten 
pirates. One publisher tried to start a rumor that a broken 
version of a program included a nasty virus added by a pirate. 
They claimed the virus in the broken version would format hard 
disks after it had infeoted the hard disk back ups. 

A program for Amiga computers uses a similar idea with an 
interesting twist. When the protection check fails, the program 
displays an official looking screen that deolares a virus has 
been detected on the disk. It asks the user to remove the write 
protect so the disk can be vaccinated. When the write proteot is 
removed, the program reformats the disk. 

Most people feel that using viruses and worms as a protection 
technique is unjustified. They fear the virus may be accidentally 
triggered on the original, purchased copy. They point out that 
innocent users can be victims. A user may unintentionally run on 
infected copy, or another person may run one on his system. A 
"protection" virus could infect disks that are ment to be shared, 
such as public domain programs or data files. If a user runs one 
of these infected disks, he may find his system crashed or his 
data destroyed by a "protection virus" from a program he has 
never heard of! 
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Protection viruses are a bad idea. The risks to innocent users 
and the potential damages are too great. The bad will and 
publicity surrounding a deliberately planted virus could easily 
kill the sales of an infected product, and haunt the company for 
some time to come. Deliberately planting a virus could be a 
violation of Federal laws, and a software company doing so could 
face criminal charges as well as civil lawsuits for damages. 


Stopping Viruses 

Like worms, some viruses can be useful, valuable programs. 
Unfortunately, their ability to hide and tag along with other 
programs makes a doBtruotivo virus very dangerous. Nobody wants a 
fatal virus infecting their systom. Any system can be a target 
for a virus, but fortunately, there are ways to protect your 
system. 


Vaooinos 

Vaooinos aro programs that seek out and destroy viruses. Some 
can also prevent a virus from infecting or re-infecting a system. 
Vaccines are indispensable tools for recovering data from an 
infected system. But vaccines are not a quick, painless solution 
to the virus problem. 

The virus must be discovered and analyzed before a vaccine 
against it can be developed. An unknown virus can spread to many 
systems and destroy a lot of data before anyone realizes what has 
happened. A vaccine protects against or removes only the 
particular viruses or strains of viruses that it was designed to 
fight. The vaccine will be helpless if a new strain infects the 
system. A trojan horse may still allow a potentially dangerous 
program in. Rumor has it that some sneaky IBM PC viruses are 
disguised as public domain vaccines! 


Preventing Infections 

Viruses, worms, trojan horses, and the like are naturally 
sneaky creatures, and it may be impossible to stop one from 
infecting your system. It's not a good idea to rely on vaccines 
alone to protect you from virus damage. There may not be a remedy 
available for the virus in your system, or you may not discover 
the virus until it’s too late. However, there are some common 
sense steps you can take to keep any damage to a minimum. These 
steps may also protect you from other computing hazards. 
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The first step is to always keep up-to-date back ups of 
everything . Complete, current back-ups protect you from many 
other hazards like power or equipment failures, as well as frost 
viruses. Even if the worst does happen, with good back ups you 
can get your system back up and running fairly quickly, with s 
minimum of lost data. 

Watch your files. If you notice that a file last used months 
ago has a new date stamp, or files seem to mysteriously grow 
larger, you may have a problem. 

Keep floppy disks write protected whenever possible. This 
stops a virus from writing itself on a disk without your 
knowledge. It may also prevent you from accidentally erasing an 
important file. 

Turn your hard disk off whenever you run a new disk, or newly 
downloaded files. This won’t catch a logic bomb (unless it goes 
off right away), but it does protect you from programs that try 
to do nasty things the first time they're loaded. When you’ve 
finished using the new programs, turn your computer off before 
loading anything else. This erases any sly invaders that may be 
lurking in a dark corner of your machine. 



Chapter 9 
The Law 


Introduction 


Piracy continues to grow in spite of the fact that it is 
illegal. Part of the problem stems from the age of the copyright 
laws. The United States copyright laws are over two hundred years 
old. The concepts behind them are even older, descending from 
English Common Law. Most of these laws were written with printed 
material in mind, which is hardware to duplicate than software. 

In broad terms, duplication and distribution of copyrighted 
software, without the copyright owners permission, is illegal. 
But there are exceptions to this rule, and many questions about 
the legal definition of "duplication”. This chapter discusses the 
laws, both current and proposed, regarding copyrights and 
software. 


Legal Protection Methods 


A company which tries to use the law to prevent software 
piracy is using a legal protection method. Unfortunately, legal 
taotics alone are ineffective. To understand why, first we’ll 
take a look at how these forms of legal protection work. We’ll 
also discuss software licensing and software buyer’s rights, 
trade secrets, copyrights patents, and the new trends in software 
law, including criminal convictions for copyright violations, 
orackdowns on pirates, and new data security laws. 


The Uniform C ommerc ial Code 
and Software Licensing 

The Uniform Commercial Code (applicable in most states) is the 
section of law governing commercial business transactions. It's 
tho set of rules that cover almost every transaction in the day 
to day economic life of this oountry. But just how the UCC 
applies to computer products is a gray area. The UCC does not 
cover services like computer programming, but, when the 
programming is "bundled" with hardware (hardware and software 
sold together as a package), it may apply to the whole package. 
In general, computer hardware is covered by the UCC, but software 
Is not. Tho reason is that most software is considered to be 
"licensed" rather than "sold". 
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Software Licensing 

Many software packages carry a disclaimer on the wrappor 
which states that the buyer is purchasing only the right to uso 
the program. In other words, what is being sold is a copy of tho 
software for use by the buyer only, not the software program 
itself. What is not sold are the property rights, or the rightB 
that come with ownership of property. In this case, the property 
is the software, and the legal owner of the property is the 
software publisher. The buyer owns only permission to use tho 
copy of the software that he purchased. This sale of limited 
rights is called licensing. This is why computer software 
generally falls outside the UCC. 

Large companies and schools need many copies of a single 
program, often for different systems and stored on different 
media (5 1/4” disks, 3 1/2" disks, etc.) A software publisher may 
agree to sell a number of copies of a program, and for an 
additional fee, the right to produce other copies for that 
company's use only. This type of agreement is called site 
licensing, and is discussed in full later in this chapter. 


Trade SeoretB. Copyrights, and Patents 


Trade secrets, Copyrights and Patents are the three ways to 
legally protect your program. They may not stop someone from 
copying, reproducing, and distributing your program, but they do 
offer legal reoourse if you find a company copying your ideas or 
a bootlegger selling your programs. Each has different 
requirements, and offers different protection. 

In this section we’ll talk about Trade Secrets and Copyrights, 
how to obtain registration for a copyright, the "look and feel" 
issue, and the pros and cons of registration. We’ll also discuBB 
patents, the differences between patents, copyrights, and trade 
secrets, and the new trends in laws governing software publishers 
rights. 
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Trade. H nnreta 

A trade secret is something of value that gives the ownor an 
odgo over the competition. A trade secret can be ideas, know-how, 
software, or even just information that the owners can benefit 
from. The formula for Coca Cola or McDonald’s recipe for french 
fries are examples of trade secrets. Trade secrets are usually 
protected by state laws, while copyright and patents are 
protected by Federal laws. This means that trade secret laws vary 
from state to state. Fortunately, all states offer software 
programs some protection under the laws that govern unfair 
competition or breach of a confidential relationship. 

To qualify as a trade secret, the information must be kept 
private. It must be specific, and it must be something that is 
not well known. A general formula or something that’s common 
knowledge, easily looked up, or previously published isn’t a 
trade secret. An exact formula or process you developed yourself 
could be a trade secret, if you made every reasonable effort to 
keep it confidential. Publishing the information, providing it to 
others without a non-disclosure agreement, or applying for a 
patent invalidates trade secret protection. 

To claim someone violated your trade secret, you must prove 
they disclosed or used information which they had agreed to keep 
confidential. If you give someone private information without 
asking them to keep it confidential, you cannot claim it’s a 
trade secret. Without a non-disclosure agreement, the other party 
1 b free to use or disclose the information as they wish. You 
cannot stop them or seek damages. If a third party learns your 
information, and it’s not part of a confidential agreement, you 
cannot stop or seek damages from the third party. In other words, 
trade secret protection can be used against someone if and only 
if they agreed to keep your information private. 

Get a written non-disclosure agreement whenever you share 
information that could qualify for trade secret protection. A 
non-disclosure agreement is a signed statement that says the 
other party agrees to keep your information private. It may 
include an expiration date after which the information can be 
released, or it may exclude information that the other party 
already knew. A verbal or oral agreement is just as binding as a 
written agreement, but it is easier to prove breach of confidence 
if you have it in writing. 


Copyrights 

The software copyright laws are similar to the copyright laws 
for books and songs. If you can prove that someone is copying or 
reproducing your copyrighted software, you can stop them and 
oolleot damages. There are exceptions for Fair Use, which we 
discuss a little later. 
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A copyright is simply an acknowledgement by the Kednrnl 
government that you own a work, that you are entitled to profit 
from it, and that you may prevent others from misusing, copying, 
or profiting from it without your permission. A copyright covers 
only the expression of an idea, not the idea itself. For example, 
if you wrote a love song, you could copyright that song. But the 
copyright covers only that song. Anyone could write and copyright 
another love song, as long as it isn’t "substantially similar" to 
yours. In this example, the idea is a song about love, and the 
expression is your particular song. 

Originally, an application had to be filed before a copyright 
was granted, but now a copyright is automatic as soon as a work 
is complete. The law says when two works are substantially 
similar, the one that was completed first is the original. 
Without formal registration, it may be difficult to prove that 
one work was finished before another. 

A copyright covers everyone who seea the work and receives 
proper notice. To give notice, just cle'arly display the oopyright 
in the program and the documentation. The copyright notice is the 
copyright symbol, c , the year the work was first published, and 
the name of the copyright owner. 

The copyright notice must appear on every copy. If just one 
copy laoks this notice, you may lose protection. People who see 
that copy don’t receive notice, and are free to assume the work 
is not protected by a copyright. 


When is a Copy Not a Copy ? 

Making and distributing exact copies of a program is clearly 
a copyright violation. MicroPro International recently won a 
$250,000 suit against Data Equipment Corporation on this basis, 
because Data Equipment was distributing free, unauthorized copies 
of MicroPro programs to customers who bought hard disks. 

But a program doesn’t have to be an exact duplicate to violate 
a copyright. If it’s substantiality similar to (or obviously 
copied from) another program, it’s still infringing. This 
concept of "substantially similar" is a thorny one for software 
publishers. There are no hard and fast rules to determine when 
one program is too much like another. Each individual situation 
must be examined and decided on its own merits. 

Many software publishers are upset about "look-alike" 
programs or "clones". A clone iB a program that looks very much 
like a popular, and usually expensive, program. The clone may 
perform the same tasks in the same way, and may even bear a 
similar name. Clone makers claim their programs are baaed on the 
same idea as the original. Since ideas are not copyrightable, 
their programs may look and act very much like another without 
infringing. Others insist that certain parts of a program, suoh 


75 



HT Protection Techniques 


The Law 


as icons or their placement on the screen, are not copyrightable 
because they are not a unique expression of an idea. But 
publishers whose programs are cloned claim the clones are 
substantially similar, and violate the original program’s 
copyright. 

Some publishers tried to double their protection by obtaining 
one copyright for the whole program, and an additional copyright 
for every important screen display. However, the Copyright Office 
reoently decided that a single copyright protects the entire 
program, including screen displays. 

Publishers have taken done makers to court and won. But the 
question of when is a program a done (and infringing on a 
copyright), and when is it JUHt based on the same idea (and not 
violating a oopyright) is still vary fuzzy. In one instance 
Atari was able to show a oopyright violation, even though the 
program in question had boon completely rewritten. The oourts 
dooidod that K,C. Munohkin (from North Amorioan Phillips Co.) was 
dose enough to Pao-Man to be a oopyright violation, even though 
it was not an exaot oopyV 

Apple reoontiy filed a "look and feel” lawsuit against 
llelewett-Paokard, oharging that HP’s new operating system, 
Windows, violates Apple’s oopyrights on its Macintosh interface. 
Apple made the same oharges against Digital Research Inc.’s GEM 
operating system. That disagreement was settled out of court when 
DRI agreed to modify GEM. HP insists that using icons is an idea, 
not an expression, and therefore a particular icon or the method 
if using it is not copyrightable. Besides, they claim, Apple 
doesn’t own the copyright anyway; Xerox was the first software 
developer to use icons in its Smalltalk program over a decade 
ago, and later in its Star System. Perhaps when this case is 
settled, programmers and publishers will have some clear 
guidelines to follow. 


How to Register for a Copyright 

The Copyright Office classifies different kinds of works 
(books, records, movies, etc.) into different categories. 
Computer programs are classified as machine-readable non-dramatic 
literary works. The requirements for each classification vary, so 
only the requirements for computer software are discussed here. 
Information on registration for other kinds of works is available 
from the Copyright Office. 

The registration process is simple, but the Copyright Office 
is a bit slow. It can take over three months to receive a 
certificate of registration. The first step is to fill out the 
appropriate form for computer software, which is form TX (see the 
end of this section for information on obtaining forms). It's a 
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fairly straightforward form, it asks for the title(s), the 
uuthor(s), names of any other copyright claimants, an update 
section, the work’s manufacture, and if it may be reproduced by 
the Library of Congress for the blind or deaf. 

The title is, of course, the name of the work. While tho 
author is usually the person who actually wrote it, one exception 
is when a person writes it as part of his job. Then the work is 
"made for hire", and the writer’s employer is considered to bo 
the author. The author is usually the copyright claimant. If he 
sells his work and the rights to it, the buyers become the 
copyright claimants. 

The Copyright Office needs to know who manufactures the work 
(prints the books, etc.) because works that are manufactured 
outside of the U.S. and Canada are not fully protected. If the 
work is an update, the copyright office will need the copyright 
information about the' original. 

The registration fete is $10, and must' tee included with the 
application form and a’ deposit of the wof>k'. Usually two complete, 
readable copies are required, but for 1 '"machine readable works" 
(software), the first and. last 25 pages bf the program listing is 
sufficient. 

The effective date of registration is the day on which the 
Copyright Office receives the registration form, the filling fee, 
and the deposit copy. The Copyright Office will not acknowledge 
when it receives the material, and the certificate nay not be 
issued until three months later, so it’s a good idea to send the 
material certified mail' 1 return receipt requested. The return 
receipt is acceptable proof of the"registration date. The address 
is: 


Register of Copyrights 
Copyright Office, Library of Congress 
Washington, D.C. 20558 


All the necessary forms, and additional information can be 
obtained from the Copyright Office. The address is: 

Information and Publications Section LM-455 
Copyright Office, Library of Congress 
Washington, D.C. 20559 

"Copyright Kits”, which include the proper forms, 
instructions, and general information about the copyright 
procedure are available from private companies. You must still 
file yourself, and they will not assist you if your copyright is 
denied or challenged. But if you are unsure about the formB you 
need, would like additional information about filing, and want to 
file quickly, this service may be worth the fee. One suoh sorvion 
is: 
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Copyright Registration Services 
27 Music Square East 
Nashville, TN 37203 
(615) 885-5719. 


R egistration: Pros ft Cons 

Registration has some advantages, but is not required to 
receive full protection. Registration can be used to prove that 
one program was completed before another. "A- program must be 
registered in order to claim copyright infringement. 

One drawback to registration is that it may invalidate any 
trade secret protection. When a copy of the program listing is 
given to the Copyright Office, it becomes public information. 
Anyone can see your coding-, so it's no longer confidential. If 
your program source .p|i»4e is longer than, 50 pages (we've never 
done it), you can av.old this problem by registering only the 
first and last 25 pages of code. As long as the orucial parts are 
not in that section, they will remain confidential, allowing 
trade secret protection as well. 


Copyright Owners Rights. Fair Use. ( 
and Penalties for Infringement . 

The copyright owner ha.s exclusive rights to reproduce the work 
(to make copies), to prepare derivative workB (updates), to 
distribute the work (to sell copies), and to perform or display 
the work publioly. Source code has always been oopyrightable, and 
the Computer Software Protection Act of 1980 made object code and 
ROM oopyrightable also. 

One exception to a copyright is the Fair Use Exception. This 
exception allows limited copies for personal use only. You can 
make a photocopy of a recipe from a cookbook and keep it in a 
recipe file, or make a back up copy of your program for 
safekeeping, but you can’t distribute those copieB to others. 
Teachers, for example, can't make copies for an entire clasB, 
although many do anyway. This is especially important in 
software, because it means that a teacher can't make a copy of a 
program for each student without permission from the publisher. 

A software, buyer can do as he pleases with his copy, as long 
as it doesn’t infringe on the copyright. You can sell your copy 
of the program, but you cannot change the contract made when you 
bought it. For example, if you buy a book from a bookstore, you 
cnii do whntever you like with that copy of the book. You can keep 
ll , givo it away, or sell it to someone else. But you cannot 
print and distribute other copies (or Bell the right to do so), 
imi'aiiMR you did not buy that right. You can buy a copy of a 
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program, then sell that copy to someone else, but you can’t keep 
a copy for yourself, and you can’t make several copies and sell 
them all. The penalties for copyright infringement include 
injunction, imprisonment, and fines of up to $50,000 per illegal 
copy. 

Loaning and renting purchased, original copies is OK under the 
current copyright laws. Libraries loan books, video tapes, and 
often computer software. Like shops that rent and sell video 
tapes, there are companies who rent and sell software. Publishers 
see this as a problem, because customers can rent software, copy 
it, and return it. Most rental firms rent only original copies. 
If a user decides tp keep the rented copy, he must pay for it. 

But one rental firm was simply a pirate's front. For a small 
fee, often less than $5, customers could "rent" a bootleg copy of 
a program. A slightly higher rental fee included a photostat copy 
of the documentation. Each "rental" came with a brief note giving 
an "expiration date", and asked the customer to voluntarily erase 
the program and dispose of the documentation by that date! 


Patents 

Patents are another form of legal protection. Getting a patent 
is expensive and time-consuming. It takes at least a year, and 
can cost thousands of dollars. A patent protects the idea as well 
as the expression, so protection is much broader. To receive a 
patent, the invention must be direoted toward statutory subject 
matter. Statutory subject matter is something that oan be 
expressed in concrete terms, or in written form. An example 
might be a design for a chip (subject matter), expressed in a 
blueprint (concrete terms). 

Many programs were patented in the early 1960’s. In 1966, a 
presidential commission recommended againBt patent protection for 
software, so no software patents were issued for the next 15 
years. The commission felt that because the ideas were expressed 
in mathematical formulas and programs, and used on computers, 
they were not statutory or concrete. In 1982, the Supreme Court 
ruled that software was, indeed, both statutory and patentable. 

The Supreme Court ruling did not unleash a flood of new 
patents. The process is long and costly. Even confidential parts 
must be disclosed to the patent office, invalidating any trade 
secret protection. Patent protection may be worth the time and 
trouble if the program is based on a unique idea or uses a 
creative approach towards solving a problem. 
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llitHically, a patent is a contract between the Federal 
government and the inventor. A patent gives the inventor the 
right to prevent others from making, using, or selling the 
Invention. Patents ususally last for 17 years. When the patent 
expires, the inventor cannot stop anyone from using, making, or 
Helling the invention. 

The inventor must include (in the patent) enough information 
to enable one with "ordinary skill in the art of invention" to 
make and use the invention. This is called the "enabling 
disclosure”, and its purpose is to enhance the public’s awareness 
of new inventions. 

The patent for a software program has three parts. The 
specification, a set of drawing figures, and one or many claims. 

The specification is the main part. It explains what the 
invention is, and what problems it solves. The specification 
usually emphasizes the advantages of the invention, such as 
reduced costs, greater accuracy, increased speed, or enhanced 
productivity. It describes how the invention aohieves these 
things, and should teach the readers about its use. 

The drawing figure section has drawings and charts which help 
explain the invention’s importance. For software patents, this 
seotion usually includes a program listing and flow charts. It 
alBO contains other charts and diagrams which help explain the 
originality or use of the invention. 

The claims section defines exactly what others are excluded 
from making, using, or selling. The claims should be a clear and 
concise explanation that defines the invention. The claims are 
what allows the inventor to license others to make, use, or sell 
hia invention. Also, they permit the inventor to earn licensing 
fees or royalties on his invention. This income is considered 
long term capital gains, and taxed at a lower rate than ordinary 
income. 

Records showing when the idea was conceived and put into 
practice (if it ever was) must be kept. All records should be 
properly witnessed, and kept in a safe place. For more details on 
patents, you might want to refer to the book How to Protect and 
Benefit from your Ideas, whioh can be ordered from: 

American Patent Law Association 
2001 Jefferson Davis Highway 
Arlington, VA 22002 
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A few software companies have decided that the time nml 
trouble is worth the protection that a patent offers. In most 
cases, they chose to patent only a portion of their programs. 
Businessoft obtained a patent in September, 1985 on part of a 
program called Mindreader. It’s a word processing program that, 
includes a word completion routine. The routine is the only part 
that was patented. 

Decision Support Software is another firm which has chosen the 
patent approach. In March 1986, the US Patent Office approved an 
application for a patent on the operation and screen display from 
Decision's Expert Choice System. Mary Ann Selly, the firm’s 
president, says "We want it [the screen display and operation] to 
be unique and associated only with Decision Support Software." 

Quickview Systems, Inc, has spent over $20,000 pursuing 
patents for its software. After two years of waiting, they were 
awarded a patent on a text compression package called Zoom Raoks. 
President Paul Heckel feels that Quickview was lucky the patent 
was awarded so quickly. He says the idea for Zoom Racks is so 
unique and complex that nobody will be able to duplicate it for a 
few years anyway, "But then they’ll have to do business with us 
or take the chance of a patent battle". 

Patents will continue to play a role In software protection, 
but because of the time, expense, and restrictions, they will 
never replace copyrights as the primary means of legal 
protection. Companies will patent important sections of a 
program, such as screen displays and difficult or unique 
routines, because patents afford greater legal protection. 


New Trends in Software Law 


United States copyright laws were established 200 years ago, 
long before most people even dreamed of computers and programs. 
Only recently, in the midst of the personal computer explosion, 
have the laws begun expanding to protect software programmers. 
Traditionally, copyright violations are determined by the concept 
of substantial similarity. If a copyrighted work and a seoond 
work are found to be substantially similar, the seoond is 
infringing on the first. Courts have held that copying souroo 
code in its entirety is an infringement on the copyright. 

One of the most significant changes in patent law was the 
creation of a patent appeals court in Washington D.C. in 1982. 
The new court is headed by a former patent attorney, and it has 
upheld more than half of the patent suits it has heard. 
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But fighting a patent or copyright violation isn't. always 
easy. Apple Computer has spent over $5 million on litigation 
costs since 1981 (not including the look-and-feel case mcntionnd 
earlier) pressing various foreign and domestic patent and 
copyright lawsuits, occasionally meeting with success, as in the 
case against the now bankrupt Franklin Computer Corp. 

The cost of fighting violations runs high because most of the 
illegal products are produced overseas. Senior vice president and 
general counsel with Apple Computer Corp, Albert Eisenstat, says 
60X of all counterfeit products come from Taiwan. Hong Kong and 
Singapore are close behind. 

In some overseas countries piracy is open and brazen. In 
Pakistan, Brain Computer Services sells pirated copies of Lotus 
1-2-3 and Wordstar for as little as $1.50 each. The owners, two 
brothers, claim that Pakistani copyright laws don't cover 
software, therefore it’s legal for Pakistani citizens to buy and 
sell bootleg disks. But Americans who bought from them got more 
than they expected - their disks contained a sophisticated, data 
destroying virus. It eventually spread to more than 100,000 
disks, leaving only the message WELCOME TO THE DUNGKON. Why did 
they target American buyers? Because American copyright laws do 
cover software programs, they felt that American buyers were 
breaking the law and should be punished. The brothers also claim 
they stopped selling Americans infected disks in 1987, satisfied 
that they had "taught the pirates a lesson". 

Lawsuits in other countries may force the governments to take 
some action, but violators rarely face serious penalties. In one 
case, Einstat says several executives from an unidentified 
Taiwanese firm producing counterfeit Apple IIs avoided a 6 month 
jail sentence "By paying the government 50 cents a day to stay 
out of the can”. 

Some feel the solution is for the U.S. to sign the Berne 
Copyright Convention (the U.S. is the only developed nation that 
hasn’t). It would provide more protection than the Universal 
Copyright Convention, which the U.S. now follows. 

But the situation in the United States is not so bleak. In 
1985, a federal court in Pennsylvania considerably broadened the 
protection afforded a copyrighted program by ruling that 
oopyright infringement exists even though the second program is 
not identical to the copyrighted work. Attorney Peter Brown says 
the decision "now clarifies that "translations" of a computer 
program, even if they are not literal, ... (constitute] 
Infringement." This means that adapting or modifying a program 
and selling it without the copyright owners permission can be a 
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copyright violation. Mr. Brown says "If I start with someone 
else’s computer program and then change it, when does it booomo 
mine? ... The answer [is] Never." A federal court in Tennesson 
re-enforced this concept in a similar ruling two months later. 
The courts were not lenient with the offenders, the remedies for 
partial duplication of material included loss of profits and 
injunctions against further work on the products in question. 


First Criminal Conviction for 

Software Copyright Violation 

In August 1985, the first federal conviction involving 
criminal copyright infringement was handed down by a federal jury 
in San Jose, CA. Taiwanese businessman Teh Yi ’Danny* Huang was 
found guilty of three federal counts of conspiracy, smuggling, 
and false statements, and two misdemeanor counts of conspiracy to 
violate copyrights and criminal copyright infringement. All 
previous convictions in connection with computer copyrights have 
been civil cases. This judgement gives prosecutors a powerful new 
tool to use against software profiteers. 


Stine Operations on PirateB 

Another piracy fighting tactic is enforcement of the current 
laws. Software publishers and the Federal government are cracking 
down on sales of illegally copied software. In October 1985, the 
FBI closed down two alleged pirates conducting business as Lowery 
Communication and Computer Software Consultants. In Deoenber 
1985, the FBI raided three alleged software counterfeiting 
operations. In the third raid, against a pirate doing business as 
Joseph Duval Co., agents confiscated over 1,000 disks and 
photocopied manuals, and 10 counterfeit IBM and Apple computers. 

The FBI began it's investigation after several software 
publishers complained that the low-cost computers and programs 
Joseph Duval Co. was advertising in the classified ads of the Los 
Angeles Times and other local papers were illegal copies. Lowery 
Communications had also been advertising in the classified 
section of the same papers. 

Joseph Armstrong, vice president of finance at State of the 
Art, Inc, said they had purchased two 9595 State of the Art 
Accounting Software modules from Duval for $50 each. Armstrong 
said his company has also received numerous phone oalls from 
consumers who said they had bought illegitimate software from the 
pirates. FBI agents purchased several Apple versions of the 
pirated programs as a part of it’s sting operation. It’B believed 
that Duval’s sales were between $2,400 and $3,200 a month. 

Investigators suspect that Duval hired kids to break tho 
programs. He was also charged with supplying illegal merchandise 
to another alleged pirate operation run by his sister in Oregon. 
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Police have also set up sting bulletin boards to catch 
hackers, these are discussed in the section "Cracking Down on 
Sysops". 


New Data Security. Communication, 
and Computer Fraud Laws 

Software law is an exciting, rapidly changing area. In 1984, 
congress made it a crime to tamper with a government computer* 
The state of Ohio is considering a computer crime bill. 

The Comprehensive Crime Control Act states that gaining access 
to classified government data stored in a computer is a felony. 
Gaining unauthorised access to any government computer is a 
misdemeanor. Unauthorised aocess to a commercial computer is a 
misdemeanor only if the oomputer contains information protected 
by the Right to Privaoy Aot or the Fair Credit Reporting Act. 

Legislation to protect computer communications and the rights 
of private oitizens has been proposed in both California and the 
U.8. Senate. Patriok Leahy’s (D-VT) Senate proposal is an update 
to the Federal Wiretap laws of 1968. The bill would expand the 
existing laws to oover digital communication, create standards 
involving acoess to oomputer information by law enforcement 
officials when probable oause exists, and establish criminal and 
civil penalties for breaking into private electronic 
communications systems. The California proposal sponsored by Gwen 
Moore, ACA 9, was an amendment to the state’s constitution to 
expand protection of free speech and protection against illegal 
search and seizure to include oomputer communications. This 
amendment was defeated. 

Congress is considering three computer fraud bills. One makes 
it a misdemeanor to gain unauthorized aocess to any computer 
system used in interstate or foreign commerce. The seoond makes 
any computer related crime a misdemeanor If that crime caused the 
computer’s rightful owners a loss of more that $5,000 annually, 
or if the unauthorized user gained more that $5,000 annually. The 
third bill, the Computer System Protection Act, makes computer 
fraud involving systems used in interstate commerce or federally 
insured financial systems a federal offense. 

A bill calling for jail terms for those who deliberately plant 
destructive viruses is also before oongress. HR5061 gives a 
maximum 10 year sentence to anyone who "knowingly enters, or 
should know that entering, a program or commands that will cause 
a loss" to users of the infected computer. This legislation would 
make so-called "Protection Viruses" illegal. The bill doesn’t 
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cover simple message viruses. People who plant message viruses 
could still be prosecuted under other laws. A New England studont 
who planted a virus that tied up several national networks and 
infected research computers across the country was prosecuted in 
1989 under the Federal Wiretap laws. 

Renting software could also become illegal. SPA and Adapso are 
endorsing the Computer Software Rental Act of 1988, an amendment 
to the current copyright laws. This amendment requires software 
rental firms to obtain the copyright owner's permission beforo 
renting software. 


Conclusion 


Computer software copyrights and data security and protection 
are legal gray areas. Because the issue of piracy is so now, 
there are few statues and legal precedents concerning it. The 
confusion arises because software does not fit into the old laws 
governing non-computer copyrights. Law officials disagree over 
what privileges data communications are eligible to reoeive, 
including privacy and protection from unwarranted searches. 
Judges are beginning to deoide cases involving piracy, and theso 
decisions are the basis of new legal precedents. As problems 
arise, legislators are writing new laws to cope with the 
ambiguity of the old ones. More statutes will be written as the 
law slowly catches up with technology. 

If you would like more information on specific laws, see The 
American Standard Handbook for Software Business Law , written and 
published by attorney John Lautsch, a partner in the law firm Day 
and Lautsch in Newport Beach, CA and Chairman of the Computer Law 
Division of the American Bar Associations section on scienoe and 
technology. 
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Chapter 10 

Freeware, Shareware and 
Other Distribution Methods . 


Freeware and shareware are based on a unique concept. The 
idea is write a good program, offer unprotected copies of it to 
friends, user groups, bulletin boards, etc., for free, and 
encourage them to give the program to others. There’s a catch, of 
course. In the beginning of the program is a short message, 
asking the user to pay $10 or $20, or whatever he feels the 
program is worth, if he likes it and uses it. Since the user is 
under no obligation to pay for the program, a freeware or 
shareware author must rely on good faith, the quality of the 
program, and any guilty feelings he can inspire in his appeal to 
persuade people to compensate him for his effort. 

The idea of freeware was pioneered by Andrew Fluegelman of 
Turbin, California. He offers his programs free to anyone who 
sends him a blank disk. He claims that about 2/3 of the people 
who send him blank disks end- up sending the suggested 
contribution, and about 15% of the people who receive his program 
second hand do the same. 

Freeware and shareware programs are often posted on bulletin 
boards and given to user group libraries. The author may rely 
solely upon the honor system, the quality, and the usefulness of 
the program to solicit contributions, or he may offer added 
benefits such as printed documentation, a copy of the newest 
version, future updates, or copies of other freeware/shareware 
programs to those who pay. 

Fluegelman has three basic principles of freeware. They are: 

1. The value and utility of software is best assessed by the 
user on his/her own system. Only after using a program can 
one really determine whether it serves his applications, 
needs, and techniques. 

2. The creator of independent personal computer software can 
and should be supported by the computing community. 

3. Copying and networking programs should be encouraged, 
rather than restricted (the hacker ethic). The ease with 
which software can be distributed outside traditional 
commercial channels reflects the strengths, rather than the 
weaknesses of electronic information. 



ST Protection Techniques 


Freeware and Hlinrnwnrn 


When a program is distributed as freeware or shareware, thorn 
are some important points to keep in mind. A successful freeware 
or shareware program must meet some of the same criteria thut a 
successful commercial program must meet. It must be good quality, 
or users won’t pay for it. If a program crashes systemB or 
destroys valuable data, the author will probably receive more 
angry complaints and nasty letters than contributions! Even if a 
program is of excellent quality, it must be something that peoplo 
want and need. If people don't need it or use it, few will bo 
interested in it, and few will pay for it. 

Even though a freeware or shareware program is distributed at 
no charge, certain precautions must still be taken. Copyright the 
program to prevent others from reproducing and selling copies for 
their own profit. Most shareware includes a limited license 
allowing users to duplicate and distribute the software to 
others, provided that they do not charge for the program, change 
the copyright notice, or alter the request for contributions. The 
full legal consequences are freeware and shareware are not 
certain, so caution should be taken in this form of marketing. 

Not long ago, freeware and shareware program were usually 
useful "bare bones" utilities, or simple BASIC games. That 
situation has changed. There’s a wealth of freeware and shareware 
programs available for the ST, including spreadsheets/databases, 
graphics programs, and word processors. Some ST magazines have a 
regular column devoted to freeware, shareware, and public domain 
programs. 

Even businesses are beginning to use good quality freeware and 
shareware programs for several reasons. The suggested 
contribution is usually less than the price of most commercial 
programs, and there are no penalties for making additional 
copies. Documentation is usually short and easy to photocopy, and 
is often included on the disk as an easily printed text file. 

The central question regarding freeware and shareware is 
profitability. Fluegelman feels he has been quite successful, and 
plans to continue producing freeware products. Depending upon the 
market (and the program), freeware could produce a significant 
income easily rivaling that of many protected programs after 
pirate version have spread. Others remain skeptioal of 
Fluegelmans’s claims, and believe that freeware and shareware 
have no real future. Freeware and shareware may be the ideal 
distribution method for a quality program whose appeal is far too 
limited for commercial release, or for hobbyists who may write a 
good program or two in their spare time. 
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l'ulij lHh ing in a Magazine 

One sure way to make a few dollars from the sale of a program 
is to write for magazines. The magazine pays the author for a 
copy of the program, the instructions for it, and an article 
describing its benefits. The magazine will also need to buy 
certain ownership rights, so they can print and distribute the 
program. 

Publishing in a magazine is a good learning experience. 
Magazines have standards that submissions must meet. These 
standards are a good guide for someone who is thinking about 
offering his program as freeware/shareware, or submitting it to a 
commercial publisher. 

Programs published in magazines are guaranteed publicity. 
People who read the magazine will see it, and many will try it. 
The author will get plenty of feedback, including praise for a 
job well done, complaints about bugs, and suggestions for 
improvements. Unlike freeware or shareware, the programmer is 
guaranteed to receive some payment for his efforts. 

Publishing programs in magazines can help build an authors 
reputation. It offers a good way to get started without the 
worries of production and marketing. 
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Chapter 11 
A Look Ahead in 
Software Protection 


The problems of software piracy will continue to plague 
programmers and users for some time to come. There are no simple 
solutions. 

The general public believes piracy is worst in the Atari 
community. This may or may not be true, but if software 
publishers believe it, they won't bo enthusiastic about releasing 
new titles for the ST. STs are far more popular in Europe than in 
the US. Fewer oomputors moans fewer copies of ST programs can be 
sold, and that moans fowor profits. Faoed with lower sales and 
profits on ST software, some software publishers have cited "the 
piraoy problem" as an exouse for not releasing ST versions. This 
perception also makes publishers reluctant to drop oopy 
protection when thoy do release ST software. 

Copy protection has started to disappear in some places. In 
the IBM PC market, 80% of business software has no protection at 
all. Publishers in this area use site-licensing, support, and 
similar techniques to fight piracy. 

However, professional quality business programs are highly 
priced. Development costs can be tremendous, as it may take teams 
of programmers months (or years!) to write and debug a complex 
program. The publisher may offer customized versions, 
installation and set up, and training sessions to users. These 
costs, as well as the cost of ongoing customer support, are added 
to the price of the program. A single copy of an IBM business 
program may cost far more than the average ST owner can afford to 
pay. 


One popular pirate complaint is the high cost of software. 
Software prices have begun to fall, and perhaps this trend will 
help discourage piracy. It’s not unusual to see original copies 
of older programs, complete with documentation, priced as low as 
$5. Of course, new software in high demand will always command a 
premium price, but as more titles grow old, the ranks of good 
quality, inexpensive software will grow. 

The abundance of public domain, freeware, shareware, and 
magazine programs may help discourage piracy by supplying plenty 
of excellent, inexpensive (or free) programs. It benefits users 
in other ways, too. People may decide which computer to buy based 
on the amount of inexpensive software available. Software 
companies can’t stay in business by distributing junk programs at 
a premium price when much better programs are available for 
practically nothing. As these firms disappear, so does another 
nxcuHti for piraoy. 
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Hardware data keys will continue to resurface here and thorn, 
but they are too expensive and cumbersome to become very popular. 
They may find a permanent place in applications where data 
security is important. 

Some people think the best way to end piracy is education. 
ADAPSO, SPA (Software Publishers Association), and other groups 
have organized extensive anti-piracy campaigns, including full 
page ads explaining that software piracy is theft. On-line 
services and BBS systems have banned pirated files, and public 
messages offering or asking for pirated software. Magazines and 
newsletters run anti-piracy editorials, and educational articles 
about copyright laws. 

Education alone will probably not convince a die-hard pirate 
to give up piracy, but educational campaigns may have a 
significant impact on some users. Those who occasionally accept 
pirated programs could be persuaded to refuse them. If an anti¬ 
piracy attitude becomes prevalent, belongers may have little 
incentive to pirate, collectors and status seekers may begin to 
prefer authentic versions over stolen copies, and new users may 
not get an opportunity to become pirates. 

Anti-piracy campaigns are beginning to have an effect on the 
business community. On September 11, 1989, SPA began a hot line, 
where individuals can report piracy within their organizations. 
In the first three months, SPA received over 200 calls, many from 
disgruntled ex-employees. SPA has filed 30 legal actions this 
year, and all were settled before trial. The hot line number is 
(800)388-7478. 

SPA also offers an audit program as a less costly alternative 
than going to court. In the program, the offending company pays 
retail price and a small penalty for each illegal copy, and 
replaces them with authorized versions. In return, the company is 
not prosecuted. SPA conducted 10 audits in September, October, 
and November 1989. 

Some software companies are trying to stop piracy through 
amnesty programs. In these programs, companies exchange illegal 
copies for authorized versions for a small fee. 

No doubt software laws will continue to change rapidly. 
Several groups are asking congress for a law requiring software 
rental firms to obtain permission from the publisher before they 
can rent a program. As Apple’s look-and-feel suit slowly winds 
its way through the courts, the rules on copyrights and clones 
will become clearer. 
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Ht.lng operations will continue, and computer crimes low* will 
get tougher. Computer and data security will become tougher and 
tougher, too. Hackers will still make the news occasionally, but 
most likely all but the very cleverest will find themselves 
restricted to public or semi-private systems, and hopefully, any 
dumage they cause will be kept to a minimum. 

The fastest moving area is communications. As modems increase 
in speed and drop in price, more and more people will join the 
on-line crowd. What impact this will have on piracy is hard to 
say. On one hand, it will make it easier to meet and trade 
software, on the other, modem users often develop a greater sense 
of community, and even become friends with their favorite 
software authors. 

Piracy will not disappear anytime soon. But software 
publishers are not about to give up the fight. They will oontinue 
to search for inexpensive protection techniques that load 
quickly, run from hard disks, and allow back-ups, yet prevent 
unauthorized copies from working. Pirates will continue to Beek 
innovative ways of removing or circumventing copy protection. 
Only when users agree that piracy is not in their best interest 
will the problem come to an end. Until that time, the battle 
between software publishers and pirates will rage on. 
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Section III 


TUB TOOLS 


Disclaimer 

The following reviews and opinions are based on extensive 
study and use of the products. They represent a detailed look at 
the usefulness and capabilities of the products, but are not 
necessarily the last word. Products are updated occasionally, new 
features are added, or bugs are fixed. These reviews are based on 
the newest release of these products (the version number is 
listed when available) and will be updated upon each new edition 
of this book. This section atteapts to cover the most popular and 
useful utilities and, needless to say, sone may be left out. If 
your favorite is not here, and you would like to see a review of 
it included in a future revision of this book, please let us 
know. Lastly, keep in Bind that this is an attempt at an 
objective and unbiased view of these products, covering the 
advantages and disadvantages of each. 

The reviews all follow the same general format, to make 
comparisons easier, the format is: 

Product Description 

Brief Product Overview 

The Hardware 

The Software 

Documentation 

Price 

How it Works 
Base of Use 

Installation 
Software Tools 
Support 
Net Results 


You may address all comments, recommendations, 
to Alpha Systems. 


etc. directly 
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Chapter 12 

The Discovery Cartridge 

Happy Computers 
P.O. Box 1268 
Morgan Hill, CA 95037 
408-779-3830 


Reviewed by: Quy Albertelli 


Produot Description 

The Discovery Cartridge la produoed by Happy Computers of 8- 
bit Atari fame. They call it the "ultimate disk upgrade for your 
8T computer". It provides a number of enhancements over the 
normal 8T floppy disk controller, including the ability to use a 
3 r4 and 4' 11 floppy drive, and to read and write virtually any 
possible track format. It can even read and write the Apple 
Macintosh disk formats, which the normal disk controller can not 
do. 


The Hardware 

The hardware consists of a cartridge which plugs into the 
cartridge port, and a special cable which connects the cartridge 
to the floppy disk port on the computer. The cartridge contains a 
special chip which can act as the floppy disk controller. 

The floppy drives are plugged into the cartridge (at the DRIVB 
A/B port). The cartridge itself is a grey plastic box about 4” x 
5" x 1.5", with 3 cable ports on the back ("COMPUTER", "DRIVE 
A/B", and "DRIVB 3/4"). Extra cost options include a battery 
baoked-up clock, support for a 3f« and 4“ floppy drive, a 
passthru cartridge port socket, and ROM/EPROM sockets that may be 
used for 64K Apple Macintosh ROMs. 

The key to the Discovery Cartridge iB the HART microchip. 
It’s a custom integrated circuit designed by Happy Computers. The 
software uses the chip to bypass the regular floppy drive 
controller. It provides access to the basic floppy drive signals, 
without the constraints of the "standard" functions. The HART 
ohip allows you to read and write virtually any format on a ST 
drive. It even allows you to determine how the magnetic fields 
are arranged on the disk, without considering them as "bits". 
This allows it to read and write true Apple Macintosh format 
disks (but only on a bit-by-bit level). 
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The passthru cartridge port is nice in theory, however, it's 
almost useless. One problem is that it's located on the front of 
the box instead of on the side. This leaves very little space for 
another cartridge, and many cartridges are simply too big to fit. 
Another problem is that the Discovery Cartridge occupies a part 
of the cartridge address space, so a second cartridge will not 
respond to accesses at those addresses. This is pointed out in 
the Discovery Cartridge documentation. 


The Software 

The Discovery Cartridge comes with a disk of programs to 
control the cartridge. These programs will back-up a disk 
(DMFMBKUP.TOS), test the cartridge (DTEST.TOS), transfer Apple 
Macintosh format disks to/from MagicSac format disks 
<DMMXFER.TOS), and support the floppy drive option 
(DINSTALL.TOS, DDRIVE.PRG). All the programs are similar. Eaoh 
displays a menu of choices. The options are chosen by entering a 
number. The programs don't use GEM at all. Since the back-up 
program is the Discovery Cartridge’s main feature, that’s the 
program we’ll focus on. 


Documentation 


The package doesn’t come with any printed documentation. 
However, there are documentation files on the disk. The 
documentation is fairly well written and doesn’t contain any 
obvious errors. One annoying aspect is that Happy Computers 
repeatedly states throughout the documentation that they will 
not supply any additional information on the program’s function, 
the output format and meaning, or the hardware interface to the 
HART chip. I don’t know if this is because they no longer have 
that information, or if they are deliberately hiding their 
techniques. Obviously, thiB restricts others from developing or 
improving programs for the Discovery Cartridge. Parts of the 
documentation are very obscure, so only people with a thorough 
knowledge of disk drives will be able to understand these 
sections. It’s like the old saying "If you don’t already 
understand, you don’t need to." 


Price 


The Discovery Cartridge and software is $245.95. The Discovery 
Cartridge, software and extra option package (which includes a 
clock, ROM/EPROM sockets, and Sr 11 4 4“ drive support) is 
$319.95. 
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How It Works 

The HART chip inside the cartridge performs functions that 
the regular disk controller chip can only dream about. The 
regular controller chip reads normal sectors easily, so the 
Discovery software uses it to read regular sectors. The HART chip 
is used to read and write difficult sectors and data. This chip 
also reads the disk as magnetic flux states. This type of read 
tells the length of time that a disk track is magnetized in one 
direction (in 62.5 nanosecond intervals). This allows you to read 
disk data without understanding the encoding technique. It's a 
very powerful copy technique, but takes a lot of RAM to store 
even a single track. This technique can be used to copy 
unreadable disks, like Apple Macintosh format disks, on the ST. 
The HART chip also supports the 3 r * and 4‘* floppy driveB. Happy 
Computers will not release any additional documentation on the 
current or possible future features of the HART ohip. 


Base of Use 


Installation 

Installing the Discovery Cartridge is the same as installing 
any other cartridge. Always be sure that your machine is OFF 
before inserting or removing any cartridge. After you have turned 
off the power, just plug the Discovery Cartridge into the 
cartridge port. Then disconnect the cable to the floppy drives 
from the computer, and plug it into the Discovery Cartridge (in 
the "DRIVE A/B" socket). Use the special cable to connect the 
Cartridge (from the "COMPUTER" port) to the floppy drive port on 
the computer. One problem is that the cables normally supplied 
with floppy drives are too short to allow the drives to be plaood 
on the right hand side of the system and still plug into the 
Discovery Cartridge. If the disk drive cables were longer, about 
3 feet instead of 18 inches, then it would work. 


Software Tools 

The backup program (DMFMBKUP.TOS) is run from the desktop as 
usual (but not in low rez). It presents a menu allowing you to 
exit, seleot and display the current options, or begin making 
baok-ups. The options choice allows you to select the baok-up 
options. You oan select the source and destination drives, the 
oopy mode, and the "back-up control file". The copy mode 
ilfttorminos the kind of copy. You can do a straight floppy to 
floppy oopy, or convert the disk to a file (called an "imago file 
form"), or oonvert from on image file back to it’s orlginul form. 


95 



.'It Pro loci ion Techniques 


The Too 1m 


Unfortunately, the only place to put the output file is on the 
same drive that the back-up program was run from. This means that 
you should never use the drive that the back-up program ran from 
as your source drive. The "back-up control file" uses other 
features of the HART chip, by customizing the copy operation for 
new protection formats. The backup control file provided by Happy 
included 12 different methods. The files included embedded 
comments describing the programs they worked with. 


Support 

Support is one of Happy computer’s weakest areas. The 
documentation clearly states, over and over again, that they will 
not answer any questions (especially questions they feel are 
answered in the documentation), nor will they supply any 
additional information. They tell you not to call the office. All 
communication is via US mail. They will not help you back-up a 
speoific program. They do have an "information machine” you oan 
call, but the documentation states "there may be long periods of 
time between when the messages on the information machine are 
updated”. 

They recently added both a BBS and a FAX interface. You can 
download information about price, availability, and new versions 
of software. This is an improvement, but only if you want to 
place an order or get a software upgrade. If you need assistance, 
these are of little use. 

The only technical information or troubleshooting advice they 
offer iB included in the documentation. However, the programs 
themselves are pretty easy to use, so no extra help should be 
needed. 


Wet Results 

The Discovery Cartridge copies just about anything, and 
requires very little skill on the part of the user. 
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Chapter 13 
ProCopy 

Proco Products 
P.O. Box 665 
Chepachet, RI 02814 
401-568-8459 


Reviewed by: Guy Albertelli 


Product Description 

PROCOPY is a software copy program designed to copy both 
proteoted and unprotected diBks. 


Iha 

PROCOPY oonsists of a single program. Its so easy to use 
that anyone can do it, even without a manual. The current version 
(1.6) seems to be able to baokup almost any disk protection 
technique currently on the market. 


Documentation 


The Prooopy package does not include any printed 
documentation. It does have a detailed documentation file on the 
disk. The documentation explains each function thoroughly, and 
takes you, step by step, through the back-up process. 


Price 


The list price is $34.95. 


How It Works 

PROCOPY achieves itB speed and copy capabilities by 
analyzing each track that it copieB. The Protected Disk Copy 
funotion requires more analysis than a normal disk, so these 
copios are slower. 
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Ease of t)He 

PROCOPY is very easy to use. After starting up, a menu is 
displayed that allows you to set the copy options. There are only 
7 options: the drive to read from, the drive to write to, to 
format the destination disk or not, to use single or double 
sided, to make a protected disk copy, to make more than one copy, 
and to verify the disk after it writes. These options are set by 
pressing the first 7 function keys. The last two function keys (9 
and 10) are used to analyze the input disk, and start the copy. 

The analyze function reads a track, and reports the address 
fields on that track. 

When the copy starts, Procopy checks the source disk to be 

sure it's write protected - a very useful feature. The user 

must know if the disk is single or double sided, and whether 80 
or 82 tracks are used. PROCOPY does not look at the boot sector 
to determine the actual format. It automatically determines and 
handles the number of sectors per track. 


Support 

Procopy is so easy to use that support should not be needed. 
They try to keep on top of the newest protection techniques, and 
regularly release new, improved versions. 


Het Results 

Procopy is simple to use, and makes working back-ups of most 
programs. It won't copy programs (usually games) if the disk 
doesn’t have any address fields on any of the tracks. It’s so 
fast and easy to use that it’s ideal for making routine back-upB. 
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Chapter 14 
Switch/Back 


Alpha Systems 
1012 Skyland Dr. 
Macedonia, OH 44056 
216-374-7469 


Reviewed by: Guy Albertelli 


Product Description 


Switch/Back is a combination hardware/software package that 
allows two or more programs to be loaded into the computer at the 
same time. This is not multi-tasking, however, only one program 
at a time is actually running. Switch/Back merely saves the 
status of all programs but one, and allows that one to control 
the ST. The documentation clearly states that it requires 1 Meg 
or more of memory. Switoh/Back can be used in a 512K system with 
a Polydisk, or with 266K sections. 

Switch/Back provides 6 major functions: PAUSE - the ability to 
interrupt a program at any point and freeze it, BACK-UP - the 
ability to save a frozen program to disk as an ordinary file, 
CAPTURE - Save the frozen program to another section of memory, 
RBSTORE - the ability to restart a frozen program at the point 
where it was Paused, ALTERNATE - the ability to load in and 
■witch baok and forth between two or more exeouting programs, and 
ARCHIVE - the ability to make archive back-ups of most protected 
programs. 

Programmers oan save the development environment in one 
partition, and test a program or desk accessory in another. If 
the test destroys GEM, Switch/Back can immediately Restore the 
development environment (without a time consuming boot). Another 
favorite use is to capture a game at a convenient point. If a 
mistake happens, you can easily restart at the captured point. 
This is especially true for games without a "save" feature. 


The Hard ware 

The Switoh/Back hardware is a small device about 1 1/2 by 2 
lie dies. It plugs into the printer port on the ST. The printer 
untile plugs into the back of the device, so you can use your 
pi Inlnr oven with 8witch/Back installed. The device has a small 
imlI mi mi It, whioh triggers the Switch/Back software. It causes 
sii liilmiupl that tho ST normally ignores, and apparently no 
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other software uses. The device appears well made ( however It 
should have screw sockets on the printer end of the device. It 
does have screws for the CPU end. 


The Software 


The software provided consists of the Switch/Back programs, 
a copy of the public domain ARC.TTP program for archival 
compression, and a sample demonstration program (the wandering 
stick program). Three main programs make up the Switch/Baok 
system. SW_BOOT.PRG installs the Switch/Back hardware support 
program. SW_BACK.PRG (and similar ones in the folder VERSIONS) 
partitions the memory of the ST into active and buffer 
partitions. The resident portion (the part that stays in memory 
after you load other programs) is very small, about 4K, compared 
to other switching programs that take up as much as 75K. The 
third program, SW_BUF.PRG saves and loads disk files into the 
buffer partitions. The first two program names are similar, so 
you must make sure you run the proper one (SW_BOOT.PRO) first. 


nnffiMgntation 


The documentation consists of a small manual (33 pages) and 
a reference card. The manual accurately describes the functions 
of the hardware and software. It has a tutorial that walks you 
through capturing and restoring a running program, using the demo 
program on the disk. Each function is described in its own 
chapter. One nice feature is the reference card. It has the 
functions and key combinations on one sheet as a memory aid. This 
saves digging in the manual for what you need. 


Price 

The list price is $69.95. 


How It Works 

Switch/Back divides a 1 Meg ST into two 512K sections. It 
also takes control of an unused interrupt vector. When the button 
on the hardware device is pressed, Switch/Back takes control of 
the computer, and looks at the keyboard for a command. You oan 
tell it’8 in control because it freezes the program and reverses 
the colors on the screen. If you capture the frozen program, it’s 
saved into the buffer partition. (Due to the ST design, the 
running program must occupy the lowest partition - what ever itB 
size. ) 
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The Switch/Back package includes several versions of the main 
Switch/Back program. These versions create different partition 
sizes: 256K, 512K, 1 meg, and 2 meg. When you choose the 
partition size, Switch/Back automatically creates as many 
partitions as will fit in your machine. Switch/Back needs at 
least two partitions to work properly, so if you have a 1 meg 
machine, you can use two 512K sections, or four 256K sections. 
If you have a 2 meg or 4 meg ST you can use the larger partition 
Bizes (2 1/2 meg machines are restricted to five 512K sections). 
If you choose a smaller size, you’ll have more partitions (eight 
612K sections fit in a 4 meg ST). 

If you are using four or more partitions, you can load and 
save directly to any of the buffers. All you have to do is press 
the numbor for the buffer you want, and Switch/Baok will go 
straight to it. You do not need to "step through" eaoh one. 


fiajitt of Uaa 


Installation 

Installing the hardware is simple. As with all hardware 

UhAMQBj_ turn off the ST before changing any cables . After you 

have turnod off the ST, unplug your printer cable. Plug the 
Swltoh/Baok devioe into the printer port. It only fits in one 
way, and has a label to show you which end goes to the computer. 
Plug your printer cable into the other end of the Switch/Back 
device. The hardware device can stay plugged in even if you’re 
not using the Switch/Back software. It doeB not interfere with 
the printer. 

Installing the software adds a few more steps to the normal 
boot process. First, boot with the Switch/Back software disk 
(hopefully a backup copy) in drive A. Then run SW_BOOT.PRG. This 
program asks which Switch/Back version you want to install. This 
is usually SW_BACK.PRG, other options are in the folder called 
VERSIONS. Once you’ve selected the version you want, Switch/Baok 
will ask if you’re ready to Reset. At this point, you can put any 
disk, autoboot or normal, in the drive. Switch/Back will do a 
special reboot that leaves the Switch/Back program in memory, and 
loads the disk in your drive. 

Once you’ve installed Switch/Back, it’s there to stay. Yot 
can press the reset button as many times as you need, and the 
program will always be there. Everything in the buffers will 
remain intact, too. You must turn the computer off and leave it 
off for a few moments before you can change the partition sizes 
or reload without Switch/Back. 
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Support 

Switch/Back is pretty easy to use, and the docunentation 
includes a troubleshooting section to help you out. If you have 
questions or problems, technical support is available. Comments 
are welcome, and customer’s suggestions are often included in 
upgrades. 


Net Results 


Switch/Back is well made, and functions as advertised. I 
have used it in my development work. It saves me time in testing 
programs that sometimes destroy GBM. The software install 
procedure seems a bit complicated, but that's because it allows 
you to choose from several set ups, and it is able to work with 
autoboot disks. All in all I have found this a useful product. 
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The Protector 

Software Protection Program 


INTRODUCTION 

Important Note 

ON THE DISK 

Programs 

Source Code Routines 

USING THE PROTECTOR 

Applying Protection 
About the Protection 
Tutorial 

COMMANDS & FUNCTIONS 
FILE Menu 
TRACK Menu 
SECTOR Menu 
DISPLAY Menu 
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Introduction 


The Protector is designed to protect programs, files, and disks 
from unauthorized use, copying, or tampering. It allows anyone to 
apply sophisticated software protection schemes to their programs. 
The Protector offers many protection choices, so you can select the 
method or combination of methods best suited to your program. 

The Protector can encrypt a program file, making it impossible 
for someone to view or modify the program oode. Only a special 
loader routine can run the encrypted program. For extra security, 
you can have the program check for a apodal disk aeotor, require 
the user to enter a password, or oven Bolf dostruot after it’s been 
run a certain number of times. 

Tho Protector also inoludoa an advanoed Seotor k Track Editor. 
It gives tho sootor status, allows editing, oheoks the BIOS error 
codas, oraatos oustomiisod sootors, and provides track analysis. 

In soma places, Tho Protector and its documentation assume the 
user understands the protection techniques, and la familiar with 
tho Atari ST system. Before you start, you may want to read the 
accompanying book and the ideas presented there. 


IMPORTANT NOTH 

Keep back-ups of all your source files! Once you have applied 
the protection to your program, it will be as inaccessible to you 
as it will be to anyone else. To help insure the seourity of data 
and programs protected with this package, Alpha Systems will not 
release any technical information about the internal workings of 
The Protector. If you protect your only copy of a program, Alpha 
Systems will not be able to unproteot it for you. 


On the Disk 

The Protector disk contains the following files: 

PRO.PRG - The Protector program. 

CRCMAKE.LST - Computes CRC values. 

DUPSEC.PRG (DUPSEC.C) - A sample program to read tracks with 
duplicate sectors. 

FLOP.O, FLOP.C - Floppy controller C binding calls. 

FRONT. PRG - Used to load programs protected with the 
Protector. 
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LOADER.PRG (LOADER.RSC) - Used to load programs protected with 

the protector, as well as other unprotected files. 

NEWS.TXT - The latest news. 

READSEC.LST (READSEC.C) - Reads a sector and returns any error 
codes. It bypasses the normal GEM routines. 

SELFMOD.LST (SELFMOD.C) - Builds a protection check routine 
from data. Only the data will appear in a listing of the 
protected program, the check will be invisible. 


Using the Protector 


To start, you’ll need a copy of your program, and a fresh, 
formatted disk. Remember to keep an unprotected back-up oopy of 
your source code. 

If you are new to programming, we suggest you read Applying 
Protection and About the Protection before following along with 
the Tutorial at the end of this chapter. These next two sections 
will give you a general idea of how to apply the protection and 
what each protection option does. The Tutorial will show you, step 
by step, how to put protection on your program, including how to 
create a custom format. 


A pplying Protection 

Put the Protector disk in drive A, and turn your ST on. When 
the Desktop window appears, click on PRO.PRG. The Main Screen (fig. 
1 below) will appear. 
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The Main Screen has several pull doun menus across the top, 
FILE, TRACK, SECTOR, and DISPLAY, and an Editor beneath. The Editor 
displays track and sector information from the buffer. When you 
first load The Protector, the buffer is empty and all fields are 
00 . 


The PROTECT command in the FILE pull down menu applies 
protection to your program. It allows you to add password 
protection, set a limited number of uses on the program, and check 
a sector on the disk. It automatically encrypts your program, no 
matter whioh other protection techniques or combination of 
techniques you aoloct (soo About tho Protection). 

Enoryptod files roquiro a loader or front program in order to 
run. Tho loador or front program decrypts the file as it loads. The 
PROTECT commands orontoa a speoial front program for your file. 
It's tho only front or loader program that will run your protected 
filo, othors will not work. 

Tho PROTECT W/LOADBR command uses a multi-purpose loader program 
that’s inoluded on your PROTECTOR disk. This command and loader 
program are disoussed in detail later. 

Applying Password Protection, Limiting Uses, and Encrypting the 
program is as simple as clicking on the boxes (fig. 2). A 
highlighted box means that protection technique will be applied to 
your program. 

If you choose Password protection or Limited Use, the program 
will prompt you to enter the password, the number of uses, what you 
want the program to do when that number is reached, and a brief 
message which will be displayed if the protection check fails. 
These protection options are explain in detail in the section 
Applying Protection . 

Sector Checks are a little trickier. In this option, the program 
reads a particular sector, and looks for a certain error code. If 
the sector is normal (no error code) or returns the wrong error 
code, the program will not run. Of course, in order to check for a 
custom format, you must first design the custom format, then create 
that format on your program disk. 

The Tutorial at the end of this section will show you, step by 
step, how to apply protection to your program. It has an example of 
the Sector Check protection, including how to create a custom 
format, and how to put it on your disk. We recommend following 
along with the Tutorial before you use this protection option. 
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1 PROTECT FILE T 

PASSWORD 

! The front progran nust have the correct 
^ password before it runs the progran. 

LIMIT USE 

! The front progran will only allow the user 
to run the progran a United anount. 

SECT CHECK 

: The front progran nust find an error at a 
given sector before it runs the progran, 



In any case, or none, the progran is 
encrypted, and Hill not run by itself. 


cancel! 




The PROTECTOR asks for the name of the source file, the* 
destination file, the name to use for the front program, and other 
information, depending upon which protection options you’ve chosen. 
Just follow the prompts. Once you’ve entered all the information, 1 
the Protector will do the rest. 

Now that your file is protected, you must run front program in 1 
order to run your file. Just double click on the front program. The 
protected program will run automatically. If the proteotion ( 
requires a password, the front progran will ask for it. 


About the Protection 


This section discusses The Protector Protection Options, Loader 
Program, and Editor in a little more detail. It focuses on using 
The Protector to apply protection to your program. For more 
information on the techniques themselves or the theories behind 
them, please refer to the appropriate sections of the accompanying 
book. A complete description of each Protector menu, option and 
command is given in the following section, Menus 4 Commands, The 
Tutorial, which follows this section, shows you step by step how to 
apply protection to your program. 
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You can apply any combination of protection techniques to your 
file. Always keep one unprotected copy for yourself. Keep your user 
entered passwords and encryption codes written down in a safe 
place, if you lose them, you won’t be able to run or decrypt the 
programs. 


The Loader Program 

LOADER.PRG is a type of front program which runs protected and 
unprotected files. If a file has been encrypted with The Protector 
(using the PROTECT W/LOADER command) only this loader program can 
run it. 

To use this front program, just copy LOADER.PRO onto your disk. 
Use The Protector to protect any files you wish protected, and 
plaoe them on your disk. Whon you're ready to use one of your 
proteotod programs, simply run LOADER.PRO, and ohoose the file. You 
oan later add or dolete other protected programs with The 
Protector. Do not renamo LOADER.PRO. 

The LOADER program looks at the file to see what kind of 
protection it ubob, and checks for it. If the file needs a 
password, for example, it prompts the user to enter it. After it 
passes the protection check, it loads, decrypts, and runs the 
protected program. 


Password Protection 

Password protection requires the user to enter a password 
before the file will run. The password can be up to Bix letters 
long (no numbers or other characters). 

When the protected file is run, the user gets one chance to 
enter the proper password. If the correct password is entered, the 
file loads and runs. If the wrong password is entered, the computer 
locks up. 


Limited Use 

Limited Use protection permits a program to run only a certain 
numbers of times. Limited Use programs can do one of three things 
when the limit is reached; lock up the computer, destroy the file, 
or reformat the disk. A Limited Use program can run up to 99 times. 

The Protector will ask you to enter the number of times you want 
the program to run, the message to be displayed when the limit is 
reached, and choose what you want the program to do then. 
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A word of caution: Always keep an unprotected back-up copy. 
Once your program has run the selected number of timeB, it will 
destroy itself) and cannot be recovered. Also, keep in mind that 
non-write protected disks can be accidentally erased. 

NOTE: The Format Disk option should not be used unless the entire 
disk is being protected. If the protected file can be moved to 
another disk, and the Format Disk option is used to protect it, it 
will destroy itself and any other files on the disk. A powerful 
feature such as this should be used with caution. Stick to the 
Destroy File option if you are protecting only one file. 


Sector Check 

This protection method reads a sector on the disk, and permits 
the program to run only if the read produces a certain BIOS status. 
The TRACK and SECTOR menus provide commands that allow you to 
create a custom sector, check the BIOS status, and format the 
sector on your destination disk. If the sector check fails (i.e., 
if it does not return the proper error code), the program will not 
run. The Tutorial shows how to oreate a oustoa sector. 


Encryption 

Encryption protection scrambles a file so that it oannot be 
loaded, run, or altered. Onoe the file is encrypted, it will not 
load or run unless it is decrypted first. By encrypting the file, 
you change each byte to other, seemingly random, bytes. The 
scrambled file looks like garbage, so it cannot be altered. It can 
only be restored by decrypting it with the proper password. This is 
good for any kind of data that must be kept confidential. Things 
like your charge accounts, Comp-U-Serve ID numbers, and long 
distance access codes are best stored on your oomputer in encrypted 
fora. 


The Protector can decrypt a file, but only if you know the 
exact encryption password. If you attempt to decrypt a file with 
the wrong password, it will be further encrypted. At this point, 
not even The Protector will be able to decipher it for you! 


When a Protection Cheok Fails 

If the protection check fails, the front program will display 
a message of your choioe (characters only, no speoial symbols or 
punctuation). After that, it can do one of three things. It can 
lock-up the computer, destroy the file, or reformat the disk. Of 
course, the front program can take the last two actions only if the 
disk is not write-protected. 
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Tlx* Editor Window 

This is the window that appears on the main screen when you 
first load The Protector. It displays information about tracks and 
sectors stored in the buffer. It has 20 rows of decimal reference 
Ini'utlons in the left column, 16 hex data number, and their 
character equivalents (see fig. 1, above). Use the vertical soroll 
Imr to see information that doesn’t fit on the screen. 

To change a byte, position the cursor over it by pointing at it 
with the mouse, and clicking. Then type a new one in hex. The 
cursor automatically moves to the next byte. Press the FI key to 
rniirk a byte. Only one byte can be marked at a time. 

Use the commands in the TRACK menu to transfer tracks to and 
from the buffer. 


Tutorial 

For this tutorial, we’ll apply protection to the DEMO program 
from your PROTECTOR disk. Copy the DEMO program onto a freBh, 
formatted disk. If you use only one drive, the PROTECTOR will put 
the protected program on the same disk that the unprotected source 
program is on. 


1. Load the Protector Program. 

Put the Protector disk in drive A, and turn your ST on. When 
the Desktop window appears, click on PRO.PRG. The Main Screen (fig. 
1) will appear. 


2. Create the custom format. 

The Sector Check protection option checks for a custom sector 
nnd a BIOS error code. For this example, we’ll show you how create 
error code #4, which is a CRC error. 

A. Go to the TRACK pull down menu at the top of the screen. 
Cliok on the Create Format command. 

B. The box here will appear. The number of addresses is really 
the number of sectors. For this example we’ll use the normal 9 
xootors on our custom track. Click on OK. 

C. This next box will appear for each address 1-9 . We’re 
going to put an Address CRC error on sector 9. Leave the first 8 
mill combos alone, by clicking on the NEXT box at the bottom of the 
wIndow. 
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D. When you reach the 9th address, look at the line in they 
lower right hand corner of the box that says: Add CRC: YES NO. 
Click on the YES. This puts an address CRC error in this sector. 
Cliok on NEXT. ( 

Now you’ve created your own custom sector. 


3. Put the custom sector on the disk. 

Put your destination disk in the drive. Go to the TRACK pull 
down menu, and click on Format Track. 

This box will appear. We’ll put our custom format on Track #10. 
So change the TRACK # to 10. The sector which contains the CRC, 
error is #9, so change the SBCTOR < to 9. Click on OK. * 

The PROTECTOR will reformat the traok to the oustom format 
you’ve created. In this example, it will reformat Traok #10 with an 
address CRC error on seotor #9. 

* 

4. Cheok the seotor. 

You may want to oheck the Beotor to be sure that it returns the^ 
proper error oode before you go any farther. To do this, olick on 
the Check Bios oommand in the SECTOR pull down menu. When the box( 
appears, enter the information for the traok and sector you wish to 
check. For this tutorial, enter Track #10, Sector #9. ^ 

The program will read that traok and sector, and return the 
error code it finds (if any). It should tell you that it’s found 
error #4. ' 


5. Go to the PROTECT oommand. ' 

Put the PROTECTOR disk back in the drive. Go to the FILE pull, 
down menu at the top of the screen. Click on the PROTECT command. " 

This command applies protection to your program, and oreates ay 
special front program. This front program is the only program that' 
will allow your protected program to run. The PROTECT W/LOADBR 
program uses the Loader program on the PROTECTOR disk to load andy 
run protected programs. Other than that, it works just like the 
PROTECT command, so once you’ve finished this Tutorial, you should 
have no trouble using either command. ( 


6. Choose the protection options. 4 

Choose the kinds of protection you want to use by clicking on 
the boxes (fig x.) For this Tutorial, we’ll use them all. I 


I 
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First, the Protecter asks for the number of times you want the 
program to run. We’ll use 9 for this example. Then select what you 
want the program to do when it’s reached that limit. Choose 
whichever options you wish. 

Then it asks you enter a password. For this example, try using 
TEST. 

Next it asks which sector you wish to check. Enter Track #10, 
Sector #9. When the Protector asks which error to check for, enter 
#4 . 


It also asks you te enter a message to display on the screen if 
the protection check fails. For this example, try SORRY CHARLII. 

Now it asks what you want the program to do if the cheok fails. 
You can ohooae to Look-Up, Destroy the File, or Format the Disk. 
Sinoo you'll want to experiment a little with your protected 
program, just ohooae Look-Up. 

The proteotion options are all set. 


7. Name the files. 

Now the computer will ask for the name of the file to protect. 
When the Directory window appears, click on DBMO. 

Next it asks what you want to call the protected file. For this 
example, we can just put the protected file right onto the same 
disk as the unprotected original. Once the program is protected it 
will not run by itself, so it’s a good idea to rename the protected 
program with a .DAT suffix, to avoid any confusion. For this 
example, let’B call it PRG.DAT. 

Finally, the computer askB for the name of the front program. 
Let’s call our front program START.PRG, because it’s used to 
startup your protected program. 

That’8 it! Your program is protected. 


8. Test your proteotion. 

To test the protection, turn off the computer, and put your 
protected disk in the drive. When the desk top oomes up, click on 
the front program (called START.PRG). When the Enter Password 
prompt comes up, type in TEST. The demo should load and run 
perfectly. If you don’t believe it’s really protected, try loading 
it again by clicking on the program itself (called PRG.DAT), or by 
typing in a different password. The message "SORRY CHARLIE" should 
appear on the screen, and the computer will lock up. 


-112- 



MT Protection Techniques 


t 

The Protector 


Menus t Conands 


PILE Menu 


The FILE menu allows you to 
apply and remove protection on 
your files. 

ENCRYPT - This command will 
encrypt a file. It asks for the 
name of the source file, the 
encryption password, and the 
destination file. Don’t forget 
your password! You won’t be able 
to decrypt the file without it. 


DBCRYPT - This command will 
decrypt your file. It asks for the name of the source file, the 
encryption password, and the destination file. Make sure you 
enter the oorrect password. Entering the wrong password will 
destroy the file. 


Track Sector 
i Encrypt File,,, 

! Dencrypt File,,, 

j Protect File.., ^ 

! Protect w/Loader,., 
Delete f/Loader,,, 

Quit 


< 

< 

( 

i 

i 


i 


PROTECT - This command applies up to four kinds of 

protection to your file. Enter the source file, kinds of 
protection, actions to take if the protection fails, the front | 
program, and destination file by following the prompts. This 
command is explain in detail in the Applying Protection section. 

PROTECT W/LOADER - This command is similar to the PROTECT 
command, above. It addB up to four kinds of protection to your 
file. It uses the front program called LOADBR.PRQ, supplied on 
The Proteotor. LOADER.PRO can load up to 20 protected files, or 
an infinite number of unprotected ones. 


To use this command, first copy LOADBR.PRQ onto your disk. 
Then use this command to apply the protection. It asks for the 
same information as the PROTBCT command. Just follow the soreen 
prompts. When it asks for the name of the front program, click on 
LOADER.PRG. 


To run the protected file, double click on LOADER.PRO. You oan 
use LOADER.PRO to run several protected files on the same disk. 
Just use the PROTBCT W/LOADER command to apply the protection to 
each file, and use LOADBR.PRQ as the front program for each file. 

DELBTB F/LOADER - This command deletes a file from the 
loader program’s memory. Just follow the prompts. 

QUIT - This command exits The Protector. 
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TRACK Menu 


This aienu provides commands that 
allow you to analyze, create, and 
manipulate unique formats. 

READ TRACK - This command reads 
any track on either side of the disk 
into a buffer. The Atari disk drive 
controller cannot read the gap bytes 
correctly, so the gap byte values 
may not be accurate, but the number 
of gap bytes is always correct. 


If you Road a Traok, you muBt 
use the Create Traok command before 
you oan Format a Traok. 

FORMAT TRACK - This command uses the data in the 
buffer to format a traok on the disk. The formatting stops 
when The Proteotor reaches a marked byte. To mark the byte and 
sot up the format, refer to The Bditor section, above. To save 
format information to disk as a data file, or to load a data file 
of format information into the buffer, use the SAVE TRACK and 
LOAD TRACK oommandB. 

NOTE: You muBt use the Create Track command before you oan 
format a track. 

IMPORTANT: The Protector will automatically change two bytes 
of data in the buffer when it formats the track. The byte $f4 is 
ohanged to the track number (which is being formatted), and $f3 
is changed to the Bide number (where the track is located). You 
oan also set these bytes yourself by following the prompt. 

ANALYZE TRACK - This command provides detailed information 
about any track. This command does not use the Atari disk 
controller, so there’s little time to sync on the track. This 
may occasionally result in the loss of the number of addresses. 
Try it twice to insure valid results. 


IffiBl Sector Disp 
i Read Track,,, 

I Fornat Track,,, 

j Analyze Track,,,^ 

j Save Fornat,,, 

Load Fornat,,, 


i Create Fornat,,, 
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DRIVE ; A 
SIDE ! 0 
TRUCK ; 03 

SECTOR ! 02 « of Duplicates : 0 

Address CRC Err : NO Hark Type : NORHAL 

Add Data Lost : NO Data CRC Error i NO 

Sector Size ! 512 Sector Found : YES 

Bytes Read ; 512 Sect Data Lost ! NO 


NEXT 


CANCEL 
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CREATE FORMAT - This command creates a track format. First, 
enter the number of addresses. Then, for each address, enter all 
the necessary information. Just follow the screen prompts. Tho 
track you create is stored in the buffer. Use the FORMAT TRACk, 
or SAVE TRACK commands to format the track on your disk, or save 
the track format information to disk as a data file. 


_ CREATE TRUCK 

ADDRESS #01! w 


Address Sync 

f5 

r \ 



ID-AH 

fe 

Sector Size ; 

256 E 

BQ 

Track 

f4 




Side 

f3 

Have Data : 


I NO 

Sector # 

01 




Data Sync 

f5 

Data CRC Error; 

VES 


Data Hark 

fb 




Data Fill 

e5 

Add CRC Error : 

YES 



I NEXT 


PREVIOUS 


CANCEL 


8ECTOR Menu 

This menu provides sector input/ 
output commands, including BIOS 
error codes. 

READ SEC - This command reads 
any seotor into the buffer, and 
gives you its statuses. Sometimes 
the status from this command will 
bo different than the status from 
tho traok analysis, especially with 
complex formats. Try them both. 


Display 


Sector 


Read Sector... 
Write Sector... 

Load Sector,A 
Save Sector,.. 

Check Bios.., 


WRITE SEC - The write sector command uses the data in tho 
buffer to write a sector on the disk. The write stops when tho 
l.iiigram oncounters a marked byte (see The Editor). 
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LOAD SEC - This commands will read a file of sector data 
from a disk into the buffer. 

SAVE SEC - This command saves the sector data in the buffer 
as a data file. 

CHECK BIOS - This command gives you the BIOS error code 
which would be returned if a Rwabs or Floprd command was issued 
to the sector. 


DISPLAY Menu 


LATB NEWS - Displays a text 
file containing the latest in 
software protection news. 


Display 


i Latest NshSi i. j 


Disk Scan,,. 


DISK SCAN - This option is a quick and easy way to search a 
disk for "strange" tracks or unusual formats. When this command 
is chosen, the computer will ask which disk drive to use, and 
which side of the disk to read. It reads all the tracks {0 - 81), 
checks for address fields and errors, and displays the status. 
This way you can easily find which tracks need further analysis. 


Each sector is represented by a character after the track 
number. The chart below shows what each character represents. If 
you want to stop scanning, just press any key. 


Character Meaning 

. (a period or dot) the address field is reasonable (the 

address is valid, but may or may not 
meet the standard specifications). 

M the ST missed the data from the disk 

drive (this should never happen). 

C the address field haB a CRC error. 

E there are no address fields on the 

track (it is empty). 


-117- 



ST Protection Techniques 


The* I'l ul in \ hi 


START FLOP.O - FLOPPY CONTROLLER C BINDING CALLS 

set_drive( drive ) 
int drive; 

/* sets drive light, etc 

2 = Drive A, Side 0 

3 = Drive A, Side 1 

4 = Drive B, Side 0 

5 = Drive B, Side 1 

0 = Deselect (shut off light) 

*/ 

restore)> 

/* forces the head on the selected drive to track 00 and syncs 
the controller chip registers to track 00. This will allow the 
'seek’ call to reaoh the oorreot track. */ 

seek (traok) 
int traok; 

/t puts head on the selected track. ’traok' should be in the 
range 0 to 79 (or 81 for the 82 track format) */ 

int 

read_seotor( seotor, bytes, buffer ) 
int seotor, bytes; 
ohar tbuffer; 

/* seotor is sector on track, use seek to put head on right track */ 
/* bytes is number of bytes of sector to read */ 

/* returned value is the completion status - see below */ 

read_address( fields, idbuffer, statbuffer ) 
int fields; 

ohar tidbuffer, *statbuffer; 

/* reads ’fields’ number of addresses from current track, stores 
6 bytes of id’s to idbuffer and 1 byte floppy disk controller 
status to statbuffer. Note: The ST hardware (DMA) transfers in 
16 byte chuncks, so fields*6 should be divisible by 16 */ 

read_track( bytes, buffer) 
int bytes; 
ohar *buffer; 

/* reads current track, bytes should be > 6250 to read whole 
traok */ 

int 

write_sector( sector, bytes, buffer ) 
int sector, bytes; 
ohar *buffer; 

/* sector is sector on track, use seek to put head on right track */ 
/* bytes is number of bytes of sector to write, writes normal 
data mark */ 

/* returned value is the completion status - see below */ 
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write_traek( bytes, buffer) 
int bytes; 
char »buffer; 

/* writes current track according to specs, bytes should be > 
6250 to write whole track, less will format half tracks */ 

/* completion status; 

all commands, except set_drive() 4 read_address() return integer 
status results as follows: 


bits 0-7 

bit 0 
bit 1 

bit 2 

bit 3 


bit 4 
bit 5 


bit 6 

bit 7 

bits 8-10 
bit 11 

*/ 


fdc status 

= "Command Active" - normally should be off 

= "Index Pulse” - set after a seek() if the head has 
not moved 

= "Head at Track 0" - set after a seekf) or restore)). 
"Lost Data” - no data was found for the sector read. 

= "bltC Error" - either the address field or the data 

lleld checksum was not correct. Data read is 

Unreliable. 

= "Sector not found" - requested sector was not found. 

= "Erased Data Mark" - indicates that the sector read 
was an "erased" sector (see track formating). 

= "Write Protected" - the disk is write protected. 
This flag is set even on sector reads. 

= "Motor On" - indicates that the disk motor is 

running. This should always be on. 
dma status 
timeout 
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Introduction 


The information in this appendix is intended for the 
advanced users. If you don’t understand it, don’t worry. 


GEMDOS Parts 


The GEMDOS design is based on MS-DOS. One basic point was 
that disks and files should be transportable between Atari ST and 
IBM PC computers. As a result, parts of the disk format lean 
heavily on MS-DOS (IBM PC-DOS is also based on MS-DOS). This 
allows (in principle) disks from the Atari ST to work on any IBM 
PC compatible system. Obviously programs cannot be interchanged, 
but data could be. 

However, MS-DOS was designed with the Intel 8086 processor 
chip in mind. Atari STs use the Motorola 68000. The 8086 chip 
stores 2 byte integers backwards from the way the Motorola 68000 
does. Thus, words and long words on disk (as used in the GEMDOS 
parts) do not look the same as they would in a program. As an 
example, consider a word that contains 4095 (or OxOFFF in 
hexadecimal): 

M68000 format: OF FF 

18086 format: FF OF 

Yes, that’s right. The 18086 format puts the least significant 
byte first and the most significant byte second. Long words are 
nvon more reversed. Consider a long word with the value 
0x12345678 in hexadecimal: 

M68000 format: 12 34 56 78 

18086 format: 78 56 34 12 

In the GEMDOS parts of a disk, all words and long words are 
(•lined in the 18086 format. This means you have to reverse then. 
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Boot Sector Format 


The boot sector contains the information that tells GEMD08 
what the format is on the rest of the disk. This sector must bo 
sector 1, track 0, side 0, the first sector on the disk. It's 
also the key sector in a boot disk. If it’s a boot disk (the 
checksum is correct) then this sector may also contain machine 
code. 


Offset Length 
00 2 

02 6 

08 3 

0B 2 

0D 1 


0E 2 


10 1 
11 2 


13 2 


Use 

Branch command if a boot disk 

Reserved - Contains the string "Loader" if 
this is an Atari boot disk sector, 
otherwise unused. 

Disk serial number. This is assigned when the 
disk is formatted, it should be a unique 
number. GEMDOS checks this to determine 
if the disk has been changed. 

Bytes per sector in I 8 O 861 format. Should be 
512 (or 0x0002 - remember 18086 format). 

Sectors per cluster. Clusters are the minimum 
amount of disk space allocated at one 
time. No file can be shorter than a 
cluster. This value is usually 2, so 
clusters are usually 1024 bytes long. 

Reserved sector oount in 18086 format. 
Usually a 1. This represents the sectors 
devoted to the boot program. It must be 
at least 1 to account for the boot 
sector itself. GBMDOS assumes this is a 
one, and will not find the FAT or root 
directory if it is not a 1 . 

Number of File Allocation Tables. Usually a 

2 . 

Number of director entries in the root 
directory in 18086 format. This is 
usually a 0x7000 which converts to 112 
(remember the format). Since each direc¬ 
tory entry is 32 bytes, the root direc¬ 
tory occupies 7 sectors (112*32/512). 

Number of sectors on the diBk in 18086 
format. For single sided standard disks 
(9 sector per track, 80 tracks) this is 
720 or 0xD002. For double sided standard 
disks this is 1440 or 0xA005, 
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1 Media descriptor byte. GEMDOS doesn’t imn 
this byte. However, MS-DOS uses it as a way 
of determining the disk format. Values 
supported by MS-DOS are: 

0xF8 Hard Disk 

0xF9 720K 3.5" disk. 

Normal 80 track/9 sector 
double sided disk. 

OxFD 1.44M 3.5" disk. 

The ST can not read these 
disks. 

2 Number of sectors in a File Allocation Table 
(FAT) in 18086 format. This value is 
normally 5 or 0x0500. 

2 Number of sectors on a track in 18086 format. 

This value is normally a 9 or 0x0900. In 
the 10 sector per track disk format, 
this would be 10 or OxOAOO. 

2 Number of sides on the disk in 18086 format. 

For single sided disks, this is a 1 or 
0x0100, for double sided disks, this is 
a 2 or 0x0200. 

2 Number of hidden sectors in 18086 format. 

This value is (reportedly) ignored by 
GEMDOS. 

The following values are only used with boot disks. The area 
from OxlE to OxOlFE is available for the boot program. The last 
two bytes in the sector are reserved for an adjustment value for 
the boot checksum. This value is adjusted so that if the sum of 

all the words in this sector equals 0x1234, then the disk is 

considered a boot disk. 

The branch instruction in the first two bytes gives the boot 
program control. The boot program can do anything. If it sets the 
word at memory location 0x0482 to non-zero, GEMDOS will 

automatically attempt to execute the program "COMMAND.PRG" 

All other functions of a boot disk are caused either by code in 
the boot sector, or programs invoked by it. 


16 

18 

1A 

1C 


Diroulori 8eotor Format 


Hnoh direotory 

■ iilry is 32 bytes 

■ •I'lora long, whioh 


sector consists of 16 directory entries. Each 
in length. The root directory is usually 7 
allows only 112 entries. 
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Directory Entry Format 

A directory entry describes a file on the disk. The file can 
contain programs, data, or another directory (which is called a 
subdirectory). Each directory entry is 32 bytes long, and has the 
following format: 

Offset Length Use 

0 11 The name of the file. The first 8 characters 

are the filename, and the last 3 are the 
extension. The names are blank padded 
and left justified. The first character 
of the filename has special meaning: 

0x00 This entry has never been 

used. 

0x05 This is a good entry and the 

first character is really an 
0xE5. 

0x2E This entry is a parent 

directory entry. If the next 
byte in the filename is a 
0x00, then this entry is a 
pointer to a subdirectory, and 
the first cluster value is the 
same as the first cluster of 
the subdirectory. If the next 
byte in the filename is also 
0x2E, then this entry is a 
pointer to the parent 

directory, and the first 
cluster value is the same as 
the first cluster of the 
parent directory. In this 
case, if the first cluster 

value is zero, then the parent 
is really the root directory. 
0xE5 This file has been deleted. 

The rest of the filename is 
still in place, but all 
clusters in the FAT have been 
freed. 

Ox?? Any other character is part of 

the actual file name. 

0B 1 File Attributes. Each bit in this byte 

indicates a different attribute. If a 
bit is on, then the file has the 

corresponding attribute. Multiple bits 
can be on at the same time. 

0x01 File is read-only. GEMDOS will 

not allow the file to be 
opened for output. 
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OC 10 

16 2 


18 2 


1A 2 

It: 4 


0x02 File is "hidden". Thin Clio 

will not appear in the Peek top 
windows, nor will it appear 111 
the standard file selector. 
This file can be opened only 
if you know its name and 
request it specifically. 

0x04 File is a "system file". This 

is similar to a "hidden" file 
above. It is support because 
MS-DOS defines its functions. 
0x08 Volume label. The file name 

itself is the volume label. 
The rest of this entry is 
ignored. 

0x10 File is a subdirectory. This 

file does not contain data, it 
contains other directory 
entries. 

0x20 File updated. This bit is set 

if the file has been written 
to and closed. It was not set 
properly with the first couple 
of ROM versions of GEMDOS, 
however, it may now be fixed 
in the newer versions. 

0x40 Reserved - Unused 

0x80 Reserved - Unused 

Reserved - Unused. 

Time of Day. The time the file was laBt 

modified, stored in 18086 format. After 
reversing to get in M68000 format, the 
first 5 bitB are the hour (24 hour 

format). The next 6 bits are the minute. 
The last 5 bits are the number of 

seconds divided by 2. 

Date. The date the file was last modified, 

stored in 18086 format. After reversing 

to get in M68000 format, the first 7 
bits is the year (to be added to 1980). 
The next 4 bits are the month. The last 
5 bits are the day. 

First Cluster. This is the number of the 
first data cluster for the file, stored 
in 18086 format. 

Length of File. This is the length of the 
file in bytes. This field determines when the 
last byte in the file has been read. It is 
stored in 18086 long word format. Files that 
have been opened and written to, but not 
closed, will have a proper directory entry 
and FAT chain (see next section), but this 
field will be zero. If you change this field, 
you may recover some of the data in the file. 
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File Allocation Table (FAT) Format 

The File Allocation Table (or FAT) tells which sectors belong 
to which files. The file system in GEMDOS does not allocate the 
disk space in sectors, but in clusters. A cluster is a set of 
contiguous sectors on the disk. The number of sectors in a 
cluster is part of the Boot Sector (see Boot Sector Format 
above). 

The first available cluster number is 2. The FAT entries 0 and 
1 are not used (clusters 0 and 1). 

The number of the first cluster in a file is recorded in the 
file’s directory entry (see Directory Entry Format above). Each 
cluster’s associated FAT entry holds the number of the next 
cluster in the file. If there are no more clusters in the file, 
then the last cluster’s FAT entry contains an end-of-file 
indicator. 

For example, let's say clusters t 2 and #5 are in a file. The 
value of FAT entry #2 is the number of the next cluster in that 
file, in this case, it’s 5. The value in FAT entry #5 is the 
number of the cluster that follows cluster #5 (if cluster #5 is 
the last cluster, then FAT entry #5 contains an end-of-file 
indicator). This provides a way of chaining clusters together to 
support large files. 

Certain values in a FAT entry have special meaning: 

0x000 Indicates that the associated cluster is free (not 

a part of any file). This cluster can be allocated 
by GEMDOS for any file. 

0x001 Illegal Value . This value should never occur in a 

FAT entry. 

0x002-0xFEF Number of the next cluster in the file (and the 
index of the next FAT entry for the file). 

0xFF0-0xFF7 Indicates that the associated cluster was 
unusable when the disk was formatted. This may 
happen when the disk surface has been scratched or 
damaged. You can also use this code to set 
clusters as "off limits" to GEMDOS. 

0xFF8-0xFFF Indicates that this cluster is the last in the 
file. This is the "end-of-file marker". 

On floppy disks, the FAT entries are 12 bits long. On hard 
disks, the FAT entries are usually 16 bits long. For a 12-bit 
format FAT, the entries are stored in 18086 format, and two 
entries are stored in three bytes. For example, the following 
shows the first 6 entries in a 12 bit FAT: 

00 10 11 22 32 33 44 54 55 . 
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The following shows a FAT with the first file having the 
first 4 clusters (cluster 2 to cluster 5) allocated to it: 

«im rr rr 03 40 00 05 80 FF .... 

Decoded this is: 

mm rr rr 003 004 005 FF8 

The "am" is the same media descriptor byte as in the boot sector 
at offset 0x15. Note, the "r" indicates that the next 2 bytes are 
reserved and not used. 

Once you have the cluster number, you need to convert it to 
a relative sector number. This is done by the following steps: 

1. Set LSN = CL - 2. Where CL is the known cluster number. 

2. Set LSN = LSN » SPC. Where SPC is the number of 
sector* per duster from the boot sector (offset OxOD). 

3. Set LSN = LSN + DTR. Where DTR is fsiz * nfat + raec + 
(ndir * 32 / bpB) . 


fsiz 

is 

at offset 

0x16 in the 

boot 

sector. 


The 

number of 

sectors in 

the FAT. 


nfat 

is 

at offset 

0x10 in the 

boot 

sector. 


The 

number of 

FATs on the 

disk. 


raec 

is 

at offset 

OxOB in the 

boot 

sector. 


The 

number of 

reserved sectors. 


ndir 

is 

at offset 

0x11 in the 

boot 

sector. 


The 

number of directory 

entries 

in the 


root directory. 



bps 

is 

at offset 

OxOB in the 

boot 

sector. 


The 

number of 

bytes in a 

Beotor. 


is now 

the relative sector number 

of the 

first 


sector in the cluster. 


To get the side, track, and sector number of a relative 
Hector number, follow these steps: 

1. Set TRK = LSN / (spt * sides). Where LSN is the 
relative sector number, "spt" is at offset 0x18 in the 
boot sector (sectors per track), and "sides" is at 
offset OxlA in the boot sector (sides on the disk). 

2. 8et SIDE to the remainder of the above division. 

3. Sot SIDE = SIDE / spt. Where "spt" is as in step 1. 
TIiIh gives the side number as a 0 or 1. 
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4, Set SECTOR to the remainder of the above division + 1. 

The +1 is important to get the correct sector number. 


ST/IBM Dish Interchange 

In order to transfer files between IBM (MS-DOS) machines and 
Atari STs, the disks must be formatted so that both systems can 
read them. At this writing, the necessary elements seem to be: 

1. The disk be formatted as double sided, 80 track, and 9 
sector. The 82 track format will not work, IBM machines 
cannot read them. MS-DOS cannot read single sided 3.5” disks 

2. The "Media Descriptor Byte" in both the boot sector and the 
first byte of the FAT should be an 0xF9 to properly indicate 
the format of the disk. Here the ST fails. The old ROMs 
format a double sided disk with an 0xF9 in the boot sector, 
but the FAT gets an 0xF7. The only formatter to properly 
handle the FAT and boot sector is Double Click Formatter 
Version 3.0 (version 2.21 sets the FAT to 00). 

3. The data must be recorded in a reasonable file format for 
the program on the IBM side. ASCII text files seem OK, LOTUS 
should be able to read .WKS format files. Note, however, 
that binary data written by simple-minded programs on the ST 
will not store integers correctly (in the 18086 format). You 
must be careful of this. 


Disk Track Format 


The format of a disk track depends on the eleotronics in the 
drive, and the fact that the disk is spinning at a constant speed 
(300 rpm). Remember, once a disk is spinning, it can’t be stopped 
while the data is interpreted. The data has to be interpreted on 
the fly. This accounts for a number of the fields recorded on 
each track. 


Conceptual Format 

Each track (at the conceptual level) consists of 9 pairs of 
address fields and data fields. Each pair makes a sector. The 
order of sectors on the track is arbitrary, however, it does 
affect the speed with which multiple sectors can be read. If the 
sectors are put on the track in numerical order, then the 
following is the conceptual format of the track 
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Address field 1 
Data field 1 
Address field 2 
Data field 2 


AddresB field 9 
Data field 9 

Remember, each address field has 4 basic items in it: the 
traok number, the side number, the sector number, and the data 
field size. The data field contains only the data itself. 


Uar du firs. Foraat 

The actual hardware format of a track is determined by the 
floppy disk controller chip in the ST. Some of the following code 
bytea are apeolfio, because the chip recognizes only those bytes. 
In addition to the address fields and data fields, the hardware 
needs gap fields, sync fields, marker fields, and CRC fields. 

Tho gap fields give the hardware time for processing. The syno 
fields make sure that the bits are divided into bytes correctly. 
(Eaoh bit is read off the disk in series. The computer must 
determine where each byte starts and ends.) The marker fields 
tell whether an address or data is coming next. The CRC fields 
allow the computer to detect if any errors occurred during the 
read. 

With those definitions out of the way, the format of a traok 
is as follows: 

Value (hex) Count Value (hex) 


Traok start gap 

Count 

60 

on Disk 

4E 

for Format 
60 

for Form 

4E 

Sector start gap 

12 

00 

12 

00 

8ootor SYNC 

3 

A1 

3 

F5 

Address ID 

1 

FE 

1 

FE 

Traok number 

1 

track 

1 

track 

Side number 

1 

side 

1 

side 

Sector number 

1 

sector 

1 

sector 

Sootor length 

1 

length 

1 

length 

Address CRC 

2 

?? 

1 

F7 

Data field gap 

22 

4E 

22 

4E 

Data start gap 

12 

00 

12 

00 

Data SYNC 

3 

A1 

3 

F6 

Data ID 

1 

FB 

1 

FB 

Initial data 

512 

E5 

512 

E5 

Data CRC 

2 

?? 

1 

F7 

Mentor end gap 

40 

4E 

40 

4E 
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repeat the above fields 8 more times for the next 8 sectors 
Track end gap 664 4E 664 4E 


Note that the symbols above have the following meaning: 


track 

side 

sector 

size 


The track number. Normally between 0 and 79. 

The side number. Normally between 0 and 1. 

The sector number. Normally between 1 and 9. 

The size number. 0x00 means 128 bytes per sector, 
means 256 bytes per sector. 0x02 means 512 bytes 
sector (normal for the ST). 0x03 means 1024 bytes 
sector. 

The CRC value. These bytes are computed by the 
algorithm (see below). Their value depends on 
values of the other bytes. 


CRC Algorithm 

CRC = x**16 + x**12 + x**5 + 1 


0x01 

per 

per 

CRC 

the 
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Publications: 


2600 Magazine - A magazine for phone phreaks 

2600 Magazine 
PO Box 752 

Middle Island, NY 11953 
(516) 751-2600 


Syslaw: A Legal Guide for Sysops - Outlines a sysops rights 

& responsibilities 

LLM Press 

150 Broadway Suite 160 
New York, NY 10038 
(212) 766-3785 


Copyright regsitration forms & information 

Information k Publications Section LM-455 
Copyright Office, Library of Congress 
Washington, DC 20559 

Mail copyright registrations to: 

Register of Copyrights 

Copyright Office, Library of Congress 

Washington, DC 20558 

Copyright Kits 

Copyright Registration Service 
27 Music Square East 
Nashville, TN 37203 
(615) 885-5719 


Mow to Protect & Beni fit From Your IdeaB - Information on 
patents & patent applications 

American Patent Law Association 
2001 Jefferson Davis Hwy 
Arlington, VA 22002 



Ml I' I (I I <•(■ I I on Tei'hll 1 


A)i|)i'liil I x 


Software & Programs 

Discovery Cartridge 

Hapy Computers 
PO Box 1268 

Morgan Hill, CA 95037 
(408) 779-3830 


ProCopy 

ProCo Products 
PO Box 665 

Chepachet, RI 02814 
(401) 568-84459 


Switch/Back 

Alpha Systems 
1012 Skyland Dr. 
Macedonia, OH 44056 
(216) 467-5665 


Hardware, Electronic parts & supplies, hardware manualB 

B & C ComputerVisions 
3283 Kifer Rd 
Santa Clara, CA 95051 
(408) 749-1003 
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Access Levels - This determines what a user can see and do on a 
BBS. Higher access levels place fewer restrictions on usor 
activitiest lower levelB have nore restrictions. 

Account - A Password/ID combination that permits a usor to 
perform specific functions in an on-line system. 

Address Field - The first part of a sector. It gives the location 
(address) of the sector on the disk. 

ANI Numbers - Special telephone numbers that, when called, will 
identify the number of the telephone that the call is being 
placed from. 

AUTO Folder - A special collection of programs on a disk. GEMD08 
automatically runs any program stored in a folder with this 
name whenever the disk is loaded. 

Baok Doors - Special accounts used by manufacturers, repair 
personnel, system programmers, etc., to access a computer 
system. They are usually known only to the person who set 
them up. 

Bad CRC Value - See CSC Error. 

Bad Data Harks - Marks used to identify the type of data in a 
disk sector. Invalid data marks are used in copy protection. 

Bad 8eotors - Sectors which cause real errors when QEMDOS tries 
to read them. 

Dank Select Cartridges - Cartridges that can switch between two 
or more separate banks of memory. They are used for 
cartridges with, more than 16K. 

Baud Rate - The rate at which data is transmitted over a 
communications channel. 

BBH - Bulletin Board System. See Boards. 

Mels Version - A test version of unreleased software. Beta 
versions are usually not completely debugged. 

I1IOH Basic Input Output System. This is the software interface 
between QEMDOS and the hardware. It is the hardware- 
dependent part of TOS. The Atari ST BIOS has extra functions 
which support the special ST hardware features, called the 
XIIIOH (extended Basic Input Output System). 
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Boards - Electronic Bulletin Board Systems. They can be large, 
public systems such as Comp-U-Serve, or small and private, 
like many pirate boards. They allow other computer users to 
call by modem to exchange data and information. 

Boot - The process of loading a program from a disk or tape into 
the computer. 

Boot Disks - Disks which have a program that will automatically 
load and run. All the user must do is put the disk in drive 
A and turn the computer on. 

Boot Sectors - The sectors on a disk where the loading 
information is stored. Sector 1 is the boot sector on ST 
computers. The program code stored in the boot sector can 
make the computer do anything. 

Boxes, Black Boxes - Boxes are hardware devices used by phreakers 
to control or deceive the phone company's computers. Black 
boxes are the most widely used. Some software programs use 
the Atari’s advanced sound capabilities to replace hardware 
boxes. 

Buffer - An area of memory where information can be safely stored 
until it is needed. 

Checksum - A number that is the sum of certain key values. The 
computer uses checksums to insure that data is written or 
read correctly. They are used in protection to prevent 
altered programs from running. 

Clone - In the computer world, a clone is a close copy that has 
the functions, abilities, compatibility, and "look and feel" 
of the original. 

Cluster - A collection of sectors (usually 2). 

Common Channel Interoffice Switching (CCIS) - A system used by 
the telephone company, with one line for voice, and a 
separate line for signals. 

Compiler - A piece of software which converts program code into 
machine language. 

Contiguous - Adjoining, next to. 

Copyright - The right to make and distribute copies of a work. 
Copyrights protect only the expression of an idea, not the 
idea itself. 

CRC - Cyclioal Redundancy Check. A checksum the computer uses to 
insure that data on a sector was written or read correctly. 
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GUO Errors - Errors that occur when the CRC bytes do not match 
the data on a disk sector. 

Cracking - The practice of breaking into computer systems, often 
using telecommunications. 

Custom Format - A layout of sectors and tracks on a disk that 
does not match the standard disk format. 

Data Encryption - See Encryption. 

Data Field - The segment of a disk sector where the actual 
program data is stored. 

Data Key - See Hardware Data Key. 

Detokenizer - A program that converts BASIC tokens into the BASIC 
commands they represent. It can be used to LIST "unLISTable" 
BASIC programs. 

Different Size Sectors - Sectors which are larger or smaller than 
512 bytes. A track can contain one sector that is a 
different size, or all the sectors on the track can be the 
ease size, other than 512 bytes (5 sectors of 1024 bytes). 
See also Format, Sector, Track. 

Disk Resident key - A special software key that a program uses as 
part of the oopy protection, located somewhere on the 
software disk. It may be a special format, file, or error 
code. If the program finds the key, it runs, if not, it may 
run partially or not at all. 

Directory - A "table of contents" for a disk. It contains the 
files and their locations on a disk, and may contain 
subdirectories, which list other files and their locations. 

Directory Analysis - The process of analyzing a disk's directory. 

Disassembler - A program which will convert machine language into 
Assembly Language for easy analysis and use. 

Dongle - Slang for Hardware Data Key. See Hardware Data Key. 

D08 - Disk Operating System. It controls the operations of the 

disk drive. Atari STs use GEMDOS (see GEMDOS). 

Duplicate Sectors - Two sectors with the same number, but each 
oontains different data. They are used in software 
protection. 

Electronic Switching System (ESS) - A system permitting the 
telephone company to trace calls in a matter of seconds. 
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Encryption - The process of converting data into a code through 
the use of a block of data called the key. 

EPROM - Erasable Programmable Read Only Memory. Memory chips that 
can be programmed and erased with ultraviolet light. 

EPROM Burner - A hardware device that can read and write to an 
EPROM or PROM chip. 

Extra Sectors - The 10“ or 11“ sector on a track (normal tracks 
have 9 sectors). The ll 11 sector is not reliable. 

File Allocation Table (FAT) - A chart or table on a disk that 
indicates which sectors and clusters belong to which files. 

Format - The layout of data on a disk or programs tape. Standard 
disk format fo.r the Atari ST is 80 tracks per side, 9 
sectors per track, 512 bytes per sector. Up to 11 standard 
sectors will fit on a track (the 11“ is not reliable). If 
the sector size is different, the number of sectors per 
track must change accordingly. Up to 82 tracks will fit on a 
disk (some drives may not be able to handle the 81*' & 82* d 

tracks). See also Sector, Track. 

Freeware/Shareware - Free programs that include a notice asking 
users who like and use the program to send the author a 
suggested contribution, and encouraging them to share the 
program with others. 

Front Operation - A facade used to cover up a BBS devoted to 
piracy. 

Front Program - A Bhort program used to decrypt, load, and run an 
ecrypted, protected program. 

Fuzzy Sectors - See Wandering Bits. 

GEMDOS - An operating system designed for the $8000 computers by 
Digital Research. GEMDOS is the hardware-independent part of 
TOS, and provides control of input and output. 

Hackers - Dedicated computer hobbyists who enjoy the technical 
side of computing. 

Hacking - Using a trial and error process of working out codes or 
numbers, such as MCI access codes. Also refers to quickly 
programming or changing programs. 

Hardware Data Key - a hardware device used to protect a program. 
The software may be copyable, but the key must be plugged 
into the computer in order for the software to run properly. 
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llldilon File - A file that will not appear in any directory or 
file selector. To open a hidden file, it must bo 

specifically requested by name. 

Impossible Sectors - Sectors whose address fields contain special 
values which the normally floppy controller cannot write. 

Koy Chain, Key Ring - A proposed device which would hold several 
different hardware data keys, and permit the appropriate key 
to communicate with the computer. 

Koy Disk - A disk which contains a special software key. Programs 
protected with this technique can be backed up or installed 
on a hard disk, but will not run unless the key disk is in 
one of the floppy drives. 

hloensing - The practice of selling only a copy of a program and 
the right to use it, and forbidding unauthorized duplication 
and distribution of the software. 

Load Analysis - Observing and analyzing a programs loading 
processes. 

Loader Program - See Front Program. 

Logio Bombs - A program that works normally under normal 
oiroumstances, but, when triggered, will change it’s 

funotion in a possibly destructive fashion. 

hoops - Special circuits used to test phone lines. 

Hissing Data Field - A data filed that does not exits, it happens 
when there 'b two address fields in a row without a data 
field in between them. 

Hissing Sector - A sector which do not exist. Usually one of the 
middle sectors is omitted when the disk is formatted. 

Hoilam - A device which permits two or more computers to exchange 
Information over telephone lines. 

‘Hi l.lnn Hystems - Computer systems which can be accessed through 
InInoommunioations. 

iivm r 11 I nil Tracks - Tracks with more than 18 sectors. 

I'mllml Directory - A directory containing incomplete file 
I nfiu mnl. I on. 

i MMMttni il A snqutinoo of characters which permits a user access 
• n nyMlitm. If the password is entered incorrectly, the 

HUH, In ilnnlml nccoHH. 
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I’ll ten I, - The right to exclusively create and distribute an item. 
A patent protects both the idea and the expression. 

Phantom Sectors - See Wandering Bits. 

Phreaks, Phone Phreaks, Phreakers - Persons whose hobby is 
working with telecommunications and the telephone system. 
They are usually involved in illegal phone use. 

Pirate - A person who makes and/or distributes illegal copies of 
copyrighted programs. 

Pirate Boards - Bulletin Boards with the primary purpose of 
posting and exchanging pirated software and information on 
copying programs. 

Profiteer - A person who pirates software for profit. 

Program Worms - Programs that can duplicate themselves, migrate 
between computer systems on a network, and utilize idle 
computer time for their own purposes. 

Protocol - A standard procedure used when transmitting data that 
enables the sender to properly encode the information, ,and 
the receiver to properly decipher it. 

Pseudo Cartridges - Cartridges used with cartridge back up 
systems to trick the computer into believing that an actual 
cartridge program is installed. 

Pseudo Directory - a directory which contains false or inaccurate 
information about the disk files. 

Reverse Engineering - a method of duplication. It’s done by 
studying the original and its construction, and creating a 
duplicate the same way the original was built. 

Sector - A segment of a track. Standard Atari ST format calls for 
9 sectors per track, with 512 bytes per sector. See also 
Format, Track. 

Sector Analysis - The study of the sectors on a disk, including 
determining statuses, and examining the format of the disk. 

Sector Gap - An empty space between sectors on a disk. This gap 
shows the computer where one sector starts and another 
sector ends. 

Sector Gap Pattern - A protection technique which fills the 
sector gap with data. 

Self Destructing Programs - Programs which will destroy 
themselves under a specific set of conditions. See also 
Logic Bombs. 
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MT Protection Techniques 


Glossary 


Half Modifying Code - Special program code that looks like 
meaningless numbers or simple data when it’s stored on the 
disk or printed in a program listing, but changes into 
program instructions when loaded into the computer. The bit 
patterns can be actual machine language code, or the data 
can be altered inside the computer to form machine language 
instructions. 

Shareware - See Freeware/Shareware.' 

Short Sectors - Sectors which contain less than 512 bytes of data 
(the standard GEMDOS sector size). The ST disk controller 
chip can read 128 byte and 256 byte sectors (also 1024 byte 
sectors). See also Different Size Sectors, Format, Sector, 
Track. 

Side - The bottom (side 0) or top (side 1) surface of a floppy 
disk. 

Site Licensing - the practice of selling a number of copies of 
software and the right to use them. The arrangement usually 
includes limited liability for illegal copies, and/or the 
right to make a limited number of copies for company use 
only (not for distribution). 

Software Key - A protection key that is part of the program. It 
may also be a special format on a disk. 

Software Licensing - See Licensing. 

SYSOP - System Operator. The owner or person in charge of a 
bulletin board. 

Tokon - A number which represents a BASIC command, and is used to 
save storage space. 

Track - A circluar path on a disk. Standard Atari ST disks have 
80 tracks per side, 9 sectors per track (512 byte). The 
track size cannot change, so if sectors are a different 
size, the number of sectors per track will change. Up to 82 
tracks can fit on a disk (some drives cannot handle the 81** 
It 82 * a tracks). See also Format, Sector. 

Trade Secret - An idea, formula, process, or information that 
makes a product unique. It must be kept confidential. 

Trojan Horse Programs - Programs, often destructive, with 
deceptive, innocent sounding names. 

Chilli Magas Inn - A magazine devoted to hackers and phreakers. 

tinl f mm Commercial Code - The body of law which governs most 
IiohIiiohh transactions inside the United States. 
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Ml I'rutnctIon Techniques 


Glossary 


Unstable Sectors - See Wandering Bits. 

Vaccine - A special program that seeks out and erases virus 
programs, or prevent virus programs from infecting a system. 

Virus - A program that is able to make copies of itself. It 
attaches itself to programs, and spreads from computer to 
computer as the program is passed along. A virus program may 
be destructive, useful, or simply annoying. 

VTOC - Volume Table of Contents. It keeps track of which disk 
sectors are full or free on Atari 8-bit computers. The ST 
computers use the File Allocation Table (FAT) to perform the 
same function. 

Wandering Bits - Data that changes every time it's read. 

Worm - See Program Worm. 

XBIOS - Extended Basic Input Output System. These are the 
functions that handle the special hardware features of the 
Atari ST (see BIOS). 
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LIMITED WARRANTY 


Alpha Systems warrants the original purchaser of this computer software product 
that the recording medium on which the software programs are recorded will be free 
from defects in materials and workmanship for ninety days from the date of 
purchase. Defective media returned by the purchaser during that ninety day period 
will be replaced without charge, provided that the returned media have not been 
subjected to misuse, damage, or excessive wear. 

Following the initial ninety day warranty period, defective media will be 
replaced for a replacement fee of $6.50. 

Defective media should be returned to: 

ALPHA SYSTEMS 
1012 SKYLAND DRIVE 
MACEDONIA, OH. 44056 

in protective packaging accompanied by: (1) a brief statement describing the defect! 
(2) a $6.50 check or money order (if beyond the ninety day warranty period); (3) 
your return address; (<f) the problem disk. 

'.Vhat is Not Covered by this Warranty 

This warranty does not apply to the software programs themselves, the programs me 
provided "as is”. 

This warranty is in lieu of ail other warranties, whether oral or written, express or 
implied. Any implied warranties, including imputed warranties of merchantability arid 
fitness for a particular purpose, are limited in duration to ninety days from the date 
of purchase. Alpha Systems shall not be liable for incidental or consequential damage 
for breach of any express or implied warranty. 

The provisions of the foregoing warranty are subject to the laws of the state In 
which the disk is purchased. Such laws may broaden the warranty protection 
available to the purchaser of the disk. 

Tell Us What You Think 

We at Alpha Systems are sincerely interested in bringing you the best possible 
products at the lowest possible prices. Please write us if you experience any 
difficulties with our products, or have any comments or ideas for Improvement!. We 
will do our best to make our products better meet your needs. When you wille, 
please enclose the following: 1) Your name, address, and phone number, i) Yum 
comments, or a description of your problem. 3) A description of your system. <i) If 
you are reporting a problem, please also include a description of wlmt you wne 
doing when the problem occurred, any printouts or other output showing the piohlmn 
If possible, and any suggestions you may have regarding the cause and solution 





The frustration of ruined software has touched every computer 
owner. Damaged software can wipe out days of work or leave 
you unable to complete a critical job. The only reasonable insur¬ 
ance against such losses is to keep back-up copies. 

But the critical need for back-ups is overshadowed by today's 
unprecedented software piracy. The duplication and exchange 
of copyrighted software products has cost software publishers 
over 800 million dollars this year alone. 

Today's pirates employ increasingly resourceful means of copy¬ 
ing and distributing copyrighted software. Pirated programs 
posted on electronic bulletin boards can be transmitted (often 
using illegal access codes on long distance carriers) around 
the globe. 

Today's software publishers are employing increasingly sophis¬ 
ticated and unusual techniques to combat this problem. 

This guidebook and the accompanying disk programs will 
reveal for the first time the state of the art of software protection 
methods and the techniques used to overcome them. It covers, 
in complete detail, the most complex protection schemes avail¬ 
able today. This book covers the technical details of piracy as 
well as the social changes and motivations that encourage piracy. 
It discusses the technical aspects of the protection methods most 
likely to appear in the future, and provides a clear explanation 
of where these trends in software protection are leading. 



